Nuggets gives your AI Agent a secure way to prove it is not a bad actor.

Demo

See an example of Nuggets authentication integrated with Google’s A2A protocol demo.

Getting Started

1

Create an AI Agent

Go to the Nuggets Account Portal and navigate to the AI Agents page to create your first agent.

AI Agent - Menu Item

2

Download Private Key and Save Client ID

Once created, you will be prompted to download the private key for this client. It is important you save this file.

This key is only available once and is needed to successfully authenticate your AI Agent.

AI Agent - Private Key Download

3

(Optional) Add Verified Information

Within Nuggets, you can build greater trust by adding verified information—such as a validated social media account for either the AI Agent or its creator.

AI Agent - Menu Item

Advanced Check - Invite Verifications

Authenticating The Agent

Now you have created the Agent inside the Accounts Portal, we can use the created details to authenticate the agent.

1. Install the authentication package.

To get started, firstly install the authentication package on the agent and server.

npm install @nuggetslife/auth

Next, you’ll need to add the private key and the DID provided from the accounts portal to your agent environment:

export NUGGETS_DID=
export NUGGETS_PRIVATE_JWK=

2. Expose an authentication endpoint on the Agent.

Expose an endpoint on your agent which allows for the JWT token to be generated (via createAuthenticationToken). Under the hood, this uses your downloaded private key and assigns the DID to the payload.

Create the authentication token on the agent (express example).
// # Agent
import type { Request, Response } from "express";
import { createAuthenticationToken } from "@nuggetslife/auth/ai";

app.get("/authenticate", async (req: Request, response: Response) => {
  const token = await createAuthenticationToken();
  res.send(token);
});

3. Verify the token

Once the requesting server receives the token, you are then able to verify it using the verifyToken function. If successful, this will return the DID Document for the client. If unsuccessful, the agent is potentially a bad actor.

You can get the details from your clients DID Document by extracting the client ID from your DID and navigating to` ` https://auth.nuggets.life/{CLIENT_ID}/.well-known/did.json

Authenticate the agents token.
import { verifyToken } from "@nuggetslife/auth/ai";

function getTokenFromAgent() {
  return fetch("AGENT_URL/authenticate").then((res) => res.json());
}

export async function authenticate() {
  try {
    const token = await getTokenFromAgent();
    const { did } = await verifyToken(token);
  } catch (error) {
    console.error("Error verifying the token");
  }
}

Verify token response

did
object

The DID Document resolved from the DID in the token.

services
object

An object of services

services.VerifiedInformationAPI
string

Returns the URL to get the verified information as JSON

services.VerifiedInformationHTML
string

See a hosted page with the details of you AI Agent

4. Additional Information

Once a successful connection is made, you’re then able to retrieve more information about the agent via the verifiedDetails call. This calls the services that are returned as part of the client’s DID Document.

You can get the verified information about your client by extracting the client ID from your DID and navigating to` ` https://auth.nuggets.life/verified-info/{CLIENT_ID}/json

Get Verified Information
import { getVerifiedDetails } from "@nuggetslife/auth/ai";

export async function authenticate() {
  try {
    const token = await getTokenFromAgent();
    const { did } = await verifyToken(token);
    const verifiedDetails = await verifiedDetails(did);
  } catch (error) {
    console.error("Error verifying the token");
  }
}