Guides

Task-oriented instructions: webhooks, metadata, organization management, and more.

• Authenticate x402 agents with wallet verifiers Bind x402-paying wallets to stable agent identities — add CAIP-2 wallet verifiers, resolve a payer wallet to an agent, and scope what it may do.
• Give an AI Agent Its Own Credentials Create an AI agent identity in AuthPI, issue it a secret, authenticate with client_credentials, validate agent tokens, and manage its lifecycle.
• Invite users to organizations Create, send, and manage organization invitations with the AuthPI Core API — inviter attribution, the invitee journey, lifecycle states, resend semantics, and events.
• Issue and manage API keys Create, scope, rotate, and revoke organization API keys for the AuthPI Core API — covering scopes, IP allowlists, expiry, and one-time secrets.
• Machine-to-machine auth: API keys, clients, or agents Choose the right machine-to-machine credential on AuthPI — org API keys for the Core API, client_credentials for your own APIs, or agent identities.
• Manage and revoke sessions List, revoke, and suspend user sessions on AuthPI — log a user out everywhere, understand what revocation does to tokens, and the full kill-switch sequence for compromised accounts.
• Metadata Learn how to use metadata to store internal data on AuthPI resources.
• Organization lifecycle & guarantees The operational contract for AuthPI organizations — ID stability, suspension semantics, hard-delete cascade, and exactly when membership changes reach tokens.
• Validate AuthPI tokens in your API Verify AuthPI access tokens in your backend with jose or PyJWT — signature checks via JWKS, issuer/audience validation, the at+jwt header, scope checks, and unknown-kid handling.
• Webhooks Learn how to set up webhooks to receive real-time notifications about events in your AuthPI account.