feat: Add Typescript samples to demonstrate globally unique agentic ids scoped to users and businesses, and decentralized authentication

[mprynce]

A2A Server with support for global identity and authentication using the Agentic Profile

This folder builds on the work in the samples/js/src/server folder, and adds support for:

• Decentralized authentication
• Globally unique ids to identify both the agents and the entities they represent, such as people or businesses

Some blog posts for perspective:

• Enhancing A2A with the Agentic Profile
• Can Agentic AI Avoid the Tower of OAuth Babel?
• Finally, a way for AI Agents to Dance Together

Integration Approach

• Create a new js/src/server-with-authentication folder that builds on the ../server code
• A2AService extends A2AServer and supports multiple agents in same Express app + agentic authentication
• Leverage W3C DID documents + JWT; very little new code, mostly glue
• Comprehensive README.md in server-with-authentication folder with examples
• Minor updates to js/src/cli

What is an Agentic Profile?

An Agentic Profile is a W3C DID document that:

• Provides a globally unique - user or business scoped - identity
• Supports decentralized authentication

Globally Unique Identity for Users and Businesses

Current agentic frameworks scope to individual agents, but business and other transactions rely on trust which require knowing who the agent represents and if the agent has the authority to take a particular action on the user or businesses behalf.

An Agentic Profile is a JSON document following the W3C DID specification, and represents a person, business, or other entity. An Agentic Profile lists AI agents that represent the entity, along with information about the agent such as service endpoints and authentication schemes.

Decentralized Authentication

By default, the Agentic Profile supports decentralized authentication using JWT and public key cryptography. Each agent listed in the DID document under the service property can provide capabilityInvocation information. This information can include a named public key, or a reference to a named public key.

When an agent is challenged, the agent uses its private key to create a JWT which includes both the challenge, and the agent's DID+agent id. For example the DID did:web:example.com:iam:mike#coder would represent the DID document at https://example.com/iam/mike/did.json and the agent with the id "#coder" in the documents "service" list.

How does the Agentic Profile integrate with A2A?

Each A2A agent is listed in the service array property of the Agentic Profile/DID document using the following conventions:

• The serviceEndpoint property is a URL to the A2A agent (when not ending in / or agent.json), or the agent card (when ending in / or agent.json)
• The service type is A2A

[EditUndo]

Mind if I add to the artinet/sdk?

[mprynce]

Mind if I add to the artinet/sdk?

That would be great! Looking forward to hearing about your integration, and any improvements you'd like me to make to the agentic profile protocols.