Your agents need an identity.
Your compliance team needs proof.
The KYA program gives every AI agent a stable, auditable identity — with cloud-attested trust levels, operator accountability, and signed credentials your downstream systems can verify offline.
Separate Product
Deploying consumer-facing agents?
Consumer transparency seals — public verification pages, review-gated scope declarations, and the Eniyan Trust seal — are part of Eniyan Trust Transparency, our dedicated consumer trust product.
Trust Tiers
KYA mirrors KYC. Three trust levels.
Just like human identity has basic, strong, and enhanced verification — KYA assigns agents a trust level based on what's been declared, attested, and linked.
Minimal declaration — model name only
Agent registered but not yet fully classified
Full declaration (5 fields) or cloud attestation
Production agents with complete classification
Full declaration + cloud attestation + operator linked
KYA Ready — cryptographic proof of environment and human accountability
Cloud attestation (AWS/GCP/Azure) sets a minimum STRONG floor — regardless of declaration completeness.
The KYA Program
Everything a KYA audit requires.
Persistent Agent Identity
Every agent gets a stable UUID that persists across re-verifications, model updates, and credential renewals — one identity for the full lifecycle.
Declaration-Based Trust Scoring
Agents are scored on declaration completeness: model, framework, purpose, autonomy level, data classification, and access mode. More complete = higher trust.
Cloud Environment Attestation
Submit an AWS EC2 identity document, GCP VM token, or Azure managed identity token. We cryptographically verify the execution environment — attested agents receive a minimum STRONG trust floor.
Operator Accountability Chain
Each agent is anchored to a KYC-verified human operator credential. If the operator's credential is revoked, all linked agents are cascade-suspended automatically.
Signed Agent Credentials
EniyanTrustAgentCredential — ES256 W3C Verifiable Credentials with embedded purpose, autonomy, scopes, environment, and attestation status. Offline-verifiable via JWKS without calling our API.
Quantum-Ready Credentials (NIST FIPS 204)
The credential format supports a hybrid signature: ES256 (classical) plus ML-DSA-65 (CRYSTALS-Dilithium, NIST FIPS 204). Classical verifiers work unchanged. PQC-aware verifiers gain protection against Shor's algorithm — no retroactive forgery, even after quantum computers arrive. First in the AI agent identity market.
Model Version Monitoring
Re-verification is triggered automatically when an agent re-registers with a different model version — ensuring credentials always reflect the agent's current runtime.
KYA Compliance Dashboard
Real-time compliance score (0–100) weighted across attestation coverage, operator linkage, full declaration coverage, and suspended agent ratio. Know your KYA gap at a glance.
Tamper-evident Audit Trail
Every registration, attestation, operator link, model change, suspension, and retirement produces a signed, append-only audit log entry — SOC 2 ready, 7-year retention.
Time-Limited Credentials
Set a credential validity window at enrollment — from 1 to 365 days. When the window closes, the agent is automatically suspended and monthly billing stops. Reissue from the dashboard at any time to reactivate without re-enrolling — the AgentIdentity, compliance history, and operator link are all preserved.
Consumer Transparency Seal
Mark any agent as consumer-facing to unlock a public verification page — a structured scope checklist, live credential status, and the Eniyan Trust seal. Scope changes trigger a new review cycle before the public page updates.
Structured Scope Checklist
Declare exactly what a consumer-facing agent can and cannot do from a standardised catalogue of capabilities and restrictions. No freeform text — the same format for every agent, platform-reviewed before going live.
Just-In-Time (JIT) Credential Activation
No standing privileges. Enable JIT mode on any agent and its credential is SUSPENDED by default. Operators open a named task window (with a TTL and narrowed scope) to temporarily activate access — then close it explicitly or let it auto-expire. Each verify call returns active_task_scopes so downstream systems enforce task-scoped permissions without a second API call. Scope violations are logged in real time and fire an instant webhook.
Sub-Agent Credential Delegation
Agents can spawn purpose-scoped child agents that inherit trust from the parent — no separate human operator required per child. The org declares can_spawn_subagents at registration. Child trust is capped at the parent's level, scopes are enforced as a strict subset, and the operator is notified via webhook on every delegation. If the parent is suspended or retired, all its sub-agents are cascade-suspended automatically.
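The delegation rules above (trust capped at the parent's level, child scopes a strict subset, a webhook on every delegation, cascade suspension) can be modelled in a few lines. This is an added example, not Eniyan's code or API: the class, the tier labels, the agent names and the scope strings are assumptions, and "strict subset" is read as a proper subset.

```python
from dataclasses import dataclass, field

TRUST_ORDER = ["BASIC", "STRONG", "ENHANCED"]  # assumed labels, lowest first


@dataclass
class Agent:
    """Illustrative registry entry; only can_spawn_subagents is the page's name."""
    name: str
    trust: str
    scopes: frozenset
    can_spawn_subagents: bool = False
    status: str = "ACTIVE"
    children: list = field(default_factory=list)

    def spawn(self, name, requested_trust, scopes, notify):
        """Create a purpose-scoped child under this agent's trust."""
        scopes = frozenset(scopes)
        if self.status != "ACTIVE" or not self.can_spawn_subagents:
            raise PermissionError(f"{self.name} may not delegate")
        if not scopes or not scopes < self.scopes:   # read as a proper subset
            raise PermissionError("child scopes must be a strict subset")
        # Cap the requested trust at the parent's level.
        trust = min(requested_trust, self.trust, key=TRUST_ORDER.index)
        child = Agent(name, trust, scopes)
        self.children.append(child)
        notify({"event": "delegation", "parent": self.name, "child": name,
                "trust": trust, "scopes": sorted(scopes)})
        return child

    def suspend(self):
        """Suspend this agent and all descendants; return the names affected."""
        self.status = "SUSPENDED"
        return [self.name] + [n for c in self.children for n in c.suspend()]


def demo():
    """Constructed fleet: one parent, two children, one refused spawn."""
    hooks = []
    parent = Agent("billing-agent", "STRONG",
                   frozenset({"crm:read", "crm:write", "mail:send"}), True)
    reader = parent.spawn("invoice-reader", "ENHANCED", {"crm:read"}, hooks.append)
    mailer = parent.spawn("reminder-mailer", "BASIC", {"crm:read", "mail:send"}, hooks.append)
    try:
        parent.spawn("escalator", "STRONG", {"crm:read", "admin:all"}, hooks.append)
        refused = False
    except PermissionError:
        refused = True
    return reader, mailer, refused, parent.suspend(), hooks
```

The same recursive walk covers the operator case: revoking an operator credential would call suspend() on every agent linked to it.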
KYA Ready
Tell your compliance team it's handled.
An agent earns KYA Ready status when it's active, cloud-attested, operator-linked, fully declared, and holds a STRONG or ENHANCED credential. That's the bar. We track it for every agent in your fleet.
Just-In-Time Credential Activation.
The PAM principle applied to AI agents. Agent credentials are SUSPENDED by default — only live for the duration of a named, scoped, time-bounded task. No standing access. No silent exposure window. Zero-trust for the AI era.
Agent credential becomes suspended by default. No standing access between tasks.
The operator's application calls the wake endpoint with a task label, narrowed scopes, and a bounded TTL.
Credential is active for the resolved window only. Verification calls return the active task scopes.
Task completes, is cancelled, or times out. Credential auto-suspends.
Every wake carries a required-scopes list — a strict subset of the agent's delegated scopes. Downstream systems pass the scope they're about to use at verify time; Trust Layer returns whether it's authorised. No second API call needed.
When an agent tries to use a scope outside its current wake window, Trust Layer writes an audit event and fires a webhook — immediately, before the action completes. Your operators see the exact scope attempted, the task label, and the active scope window.
Schedule a wake ahead of time for batch jobs, maintenance windows, and overnight processing runs. Trust Layer activates the credential at the scheduled moment and auto-suspends when the window closes.
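A minimal model of the JIT lifecycle described above, showing how a downstream check behaves before a wake, inside the window, for a scope that was delegated but not woken, and after the TTL. This is an added example, not Eniyan's code or the Trust Layer API: only active_task_scopes and the "resolve ticket 8821" task come from the page, while the class, method names, scope strings and integer timestamps are assumptions.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class JitAgent:
    """Illustrative model of one JIT-mode agent; not the Trust Layer API."""
    delegated_scopes: frozenset            # everything the agent may ever be granted
    window: Optional[dict] = None          # open task window; None means SUSPENDED
    audit: list = field(default_factory=list)

    def wake(self, task, scopes, ttl_s, now):
        """Open a named task window. Scopes outside the delegation are refused."""
        scopes = frozenset(scopes)
        if not scopes:
            raise ValueError("wake needs at least one scope")
        extra = scopes - self.delegated_scopes
        if extra:
            raise ValueError(f"wake refused, scopes not delegated: {sorted(extra)}")
        if ttl_s <= 0:
            raise ValueError("TTL must be positive")
        self.window = {"task": task, "scopes": scopes, "expires": now + ttl_s}

    def verify(self, scope, now):
        """Answer a downstream check for one scope at time `now` (seconds)."""
        if self.window and now >= self.window["expires"]:
            self.window = None             # auto-suspend on timeout
        w = self.window
        active = sorted(w["scopes"]) if w else []
        ok = bool(w) and scope in w["scopes"]
        if not ok:                         # denied use is recorded, never silent
            self.audit.append({"event": "scope_denied", "attempted": scope,
                               "task": w["task"] if w else None, "window": active})
        return {"status": "ACTIVE" if w else "SUSPENDED",
                "authorized": ok, "active_task_scopes": active}


def demo():
    """Constructed scenario: the 15-minute, read + draft ticket task."""
    agent = JitAgent(frozenset({"tickets:read", "tickets:draft", "tickets:send"}))
    before = agent.verify("tickets:read", now=0)       # no window opened yet
    agent.wake("resolve ticket 8821", {"tickets:read", "tickets:draft"},
               ttl_s=900, now=100)
    inside = agent.verify("tickets:draft", now=400)    # woken scope, inside TTL
    outside = agent.verify("tickets:send", now=500)    # delegated but not woken
    expired = agent.verify("tickets:read", now=1000)   # 100 + 900 has passed
    return before, inside, outside, expired, agent.audit
```

A downstream system should treat anything other than authorized being true as a denial, including a failed or missing verify response.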
Built for the post-quantum era.
Eniyan's credential format is built for a hybrid signature: ES256 for today's verifiers, ML-DSA-65 (NIST FIPS 204) for tomorrow's quantum threat. Classical verifiers work unchanged; PQC-aware verifiers are protected against retroactive forgery with Shor's algorithm.
Adversaries are already collecting signed credentials to crack later when quantum computers arrive. Credentials signed with ML-DSA-65 cannot be retroactively forged — even after Shor's algorithm is practical.
The ES256 signature is unchanged. Every existing integration, third-party verifier, and offline JWKS check continues to work without modification. The pqc_sig claim is silently ignored by non-PQC verifiers.
Oasis, Astrix, Teleport, and AstraSync all use classical cryptography only. Eniyan is the first AI agent identity platform to ship NIST FIPS 204 ML-DSA-65 hybrid signing on production credentials.
ML-DSA-65 (CRYSTALS-Dilithium) is one of three post-quantum signature algorithms finalised by NIST in August 2024. It was chosen for its balance of signature size (~3.3 KB) and performance — ideal for high-volume credential issuance. The signing key never leaves the server; the public key is published at /.well-known/jwks.json alongside the classical P-256 key.
The ML-DSA-65 signature is computed first and embedded as a pqc_sig claim in the payload. The ES256 signature is then computed over the complete payload — including pqc_sig. An attacker cannot replace the ML-DSA signature without invalidating the classical signature, and vice versa.
Agent credentials can have up to 5-year validity. Without ML-DSA-65, a credential issued today would be quantum-vulnerable for its entire lifetime. With hybrid signing enabled, credentials issued under it will still be verifiable by post-quantum verifiers in 2029, 2030, and beyond — without re-issuance.
Our hybrid credential format carries two signatures in one payload: an ES256 signature over the standard JWT claims — the signal classical verifiers already understand — and an ML-DSA-65 signature over the same bytes for post-quantum verifiers. The classical signature covers the post-quantum proof, so tampering with either breaks the whole credential.
Both signing keys are published at the standard JWKS endpoint. Existing OIDC / JWT tooling continues to work without changes; post-quantum tooling picks up the second key automatically.
Integration
Enroll, attest, activate on demand.
Declare the agent, attach an attestation token, link an operator — and Trust Layer handles scoring, credential issuance, compliance tracking, and audit logging automatically. Enable JIT mode to enforce zero standing privileges from day one.
Read the KYA integration guide →
# Just-in-time access: agents are suspended between tasks.
# 1. Wake the agent for a single, named task
# One API call opens a scoped, time-bounded window —
# e.g. "resolve ticket 8821", read + draft only, 15 minutes.
# 2. The credential is active for that window only.
# 3. It auto-suspends on completion or timeout.
# Zero standing privileges the rest of the time.
Available add-ons
Extend your Trust Layer plan
Add-ons unlock capabilities beyond the base plan. Available to any Trust Layer customer.
KYA Compliance Pack
Audit-ready documentation for every AI agent you deploy. Live compliance PDFs, AI System Cards, scheduled exports, custom branding, and a 24-month archive — all generated from your real KYA registry data.
For security audits · regulatory compliance · board governance
Simple per-agent pricing
From $15 registration + $5/agent/month. Scales from 25 to 1,000+ active agents. KYA compliance dashboard included.
See pricing →
Eniyan
Start shipping verifiable trust.
Today. On a free plan.
Pick one product or all three. No credit card to start. Switch or combine whenever you're ready.