AI Agents

Deploy an Agent

View as Markdown

When to use

You have an agent runtime (LLM host, workflow engine, RPA bot) and want to bind it to an IDA agent DID with appropriate delegation.

Before you begin

  • A signed-in account (any role).
  • An MCP-I or A2A endpoint URL where your agent listens (or “platform-hosted” if you want IDA to host the bridge).
  • A clear capability list (read-only? sign-on-behalf?). Default to least privilege.

Steps

  1. Navigate to /agents/deploy. 2. Step 1 — Basics:
    • Name — human-friendly label.
    • Description — what the agent does (used in the agent card).
    • Principal DID — auto-populated with your primary DID.
  2. Step 2 — Identity:
    • Either create a new DID for the agent (one transaction), or attach an existing DID.
    • The wizard generates the keys server-side; private keys are stored encrypted with the wallet’s HSM master key.
  3. Step 3 — Capabilities:
    • Select from a catalogue (e.g., read:credentials, present:credentials, sign:didcomm, issue:credentials (admin only), revoke:proofs).
    • For each capability, optionally constrain the resource (e.g., read:credentials only for schemaId in [foo,bar]).
  4. Step 4 — Autonomy & policy:
    • Autonomy level — 1 (Observer) to 5 (Delegate). See §6.6.
    • Maximum delegation depth — how many sub-agents this agent can spawn.
    • Validity period — IBCT expiry.
  5. Step 5 — Endpoints:
    • MCP server URLhttps://my.agent.example/mcp.
    • A2A endpoint URL — optional.
    • Webhook URL — for in-platform callbacks.
  6. Step 6 — Review & deploy.

The wizard performs:

  1. POST /api/v1/dids to provision the agent DID.
  2. PUT /api/v1/dids/{did} to add the agent service endpoints.
  3. POST /api/v1/agents to register the agent in the AgentTrustRegistry (agent.go:34, router.go:131).
  4. POST /api/v1/agents/{principal}/delegate to mint the initial IBCT (agent.go:166, router.go:137).

API & SDK

cURL — registerTypeScript SDK
$curl -X POST https://adid.dev/api/v1/agents \
>  -H "Authorization: Bearer $ACCESS_TOKEN" \
>  -H "Content-Type: application/json" \
>  -d '{
>    "operator":"did:adi:0xHuman...",
>    "modelInfo":{
>      "provider":"OpenAI",
>      "name":"gpt-4o",
>      "version":"2026-03-01"
>    },
>    "capabilities":[
>      { "name":"read:didcomm", "description":"Read inbound DIDComm messages" },
>      { "name":"tag:didcomm", "description":"Apply triage tags" }
>    ],
>    "autonomyLevel": 3,
>    "services":[
>      { "id":"#mcp", "type":"MCPEndpoint", "serviceEndpoint":"https://my.agent.example/mcp" },
>      { "id":"#a2a", "type":"A2AEndpoint", "serviceEndpoint":"https://my.agent.example/a2a" }
>    ]
>  }'

Note — the agent’s DID is generated server-side and returned in the response (agent.did). Do not send a did field in the request.

1const agent = await client.registerAgent({
2  operator: 'did:adi:0xHuman...',
3  modelInfo: { provider: 'OpenAI', name: 'gpt-4o', version: '2026-03-01' },
4  capabilities: ['read:didcomm', 'tag:didcomm'],
5  autonomyLevel: 'Senior', // mapped to int 3 by the SDK
6  services: [
7    { id: '#mcp', type: 'MCPEndpoint', serviceEndpoint: 'https://my.agent.example/mcp' },
8    { id: '#a2a', type: 'A2AEndpoint', serviceEndpoint: 'https://my.agent.example/a2a' },
9  ],
10});
11console.log(agent.did); // server-issued

Verify

Open /agents — your agent appears with status active and trust score 0 (rises with usage). Resolve the agent’s DID — service endpoints are populated.

Troubleshooting

CodeCauseFix
400 INVALID_AUTONOMY_LEVELLevel not 1–5Use a valid integer.
403 PRINCIPAL_NOT_OWNEDPrincipal DID not yoursSign in as the principal’s owner.
409 AGENT_ALREADY_REGISTEREDDID already in agents tableUse a different DID, or update the existing one.