Agent Builders
Add Fidacy to your agent
Your AI agent is about to spend money or take an action. Fidacy is the external gate that decides (approve, review, or deny) and returns a cryptographically signed verdict. It runs outside the model, so a prompt-injected or hijacked agent can't talk past it. Three steps: get a key, wrap the action, honor the decision.
1 · Get an API key
Sign in at app.fidacy.com, create your org (one click), and mint a key scoped to assess:write. Start on the free Developer tier (1,000 assessments/month, no card). Use a fky_test_… key while you build; it runs in sandbox mode and never counts as live.

```bash
export FIDACY_API_KEY="fky_test_…"  # sandbox while you build
```
2 · Gate the action before it executes
Wherever your agent is about to call its pay / checkout tool, call /v1/assess first and act only on approve. The gate is one HTTP call, no SDK required.
```ts
// agent-guard.ts, wrap any agent payment/action in a Fidacy verdict
const FIDACY = "https://api.fidacy.com";

export async function guard(mandate: Record<string, unknown>) {
  try {
    const res = await fetch(`${FIDACY}/v1/assess`, {
      method: "POST",
      headers: {
        authorization: `Bearer ${process.env.FIDACY_API_KEY}`,
        "content-type": "application/json",
      },
      body: JSON.stringify({ kind: "ap2_payment", mandate }),
      signal: AbortSignal.timeout(8000), // same 8 s budget as the Python version
    });
    // HTTP failure → treat as NOT approved (fail safe, never auto-pay).
    if (!res.ok) return { decision: "review", reason: `fidacy_${res.status}` };
    return await res.json(); // { decision, score, riskPayloadJws, mandate, outcome, ... }
  } catch {
    // fetch() rejects on network errors and timeouts, and json() on a bad body:
    // those also map to review, never approve. The reason string is a local label.
    return { decision: "review", reason: "fidacy_unreachable" };
  }
}

// …inside your agent's payment tool (halt and executePayment are your own functions):
const verdict = await guard({
  vct: "mandate.payment.1",
  transaction_id: crypto.randomUUID().replace(/-/g, ""),
  payee: { id: "merchant_42", name: "Acme Corp" },
  payment_amount: { amount: 4299, currency: "EUR" }, // minor units
  payment_instrument: { id: "pi_1", type: "card" },
});
if (verdict.decision !== "approve") {
  // Do NOT execute the payment. See step 3.
  return halt(verdict);
}
await executePayment(verdict.mandate); // mandate carries the signed risk_data
```

Python, same shape:
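```python
import os, uuid, requests  # uuid: for the caller's transaction_id


def guard(mandate: dict) -> dict:
    try:
        r = requests.post(
            "https://api.fidacy.com/v1/assess",
            headers={"authorization": f"Bearer {os.environ['FIDACY_API_KEY']}"},
            json={"kind": "ap2_payment", "mandate": mandate},
            timeout=8,
        )
        # HTTP failure: treat as NOT approved.
        if not r.ok:
            return {"decision": "review", "reason": f"fidacy_{r.status_code}"}
        return r.json()
    except (requests.RequestException, ValueError):
        # Network error, timeout, or unparseable body: review, never approve.
        # The reason string is a local label.
        return {"decision": "review", "reason": "fidacy_unreachable"}
```

3 · Honor the decision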
- approve: execute the action. Forward verdict.mandate: the signed Risk Payload is already injected into its risk_data.
- review: pause the agent and step up to a human (or stronger auth) before clearing. Never treat review as a soft approve.
- deny: block the action and surface the rejection_reasons to your user. No money moves.
review, never approve. The guard() above does this for you. The engine itself also degrades to review on any internal fault, never to approve.

Honoring the decision here is on the agent. To make it enforceable, so a deny cannot move money even if the agent ignores it, route payments through the Payment Firewall: an approve issues a short-lived grant the executor checks before money moves, and the audit head is anchored to Bitcoin.
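One way to make step 3 fail closed inside the agent, as an added example that is not Fidacy's code: a response that is malformed, carries an unrecognized decision, or approves a mandate that differs from the one submitted is downgraded to review. The handler callables (`execute`, `escalate`, `block`), the local reason strings, and the check that the returned mandate echoes the submitted fields are assumptions; the field names are the ones used on this page.

```python
# Added example (not Fidacy's code): fail-closed handling of a /v1/assess verdict.
# Field names come from the page; handlers and the echo check are assumptions.
from typing import Any, Callable

KNOWN = {"approve", "review", "deny"}
# Submitted fields that must come back unchanged before paying (assumption).
PINNED = ("transaction_id", "payee", "payment_amount", "payment_instrument")


def normalize(verdict: Any, submitted: dict) -> dict:
    """Reduce any response to approve/review/deny; anything doubtful is review."""
    if not isinstance(verdict, dict):
        return {"decision": "review", "reason": "malformed_verdict"}
    decision = verdict.get("decision")
    if not isinstance(decision, str) or decision not in KNOWN:
        return {"decision": "review", "reason": "unknown_decision"}
    if decision != "approve":
        return verdict
    mandate = verdict.get("mandate")
    if not isinstance(mandate, dict) or "risk_data" not in mandate:
        return {"decision": "review", "reason": "missing_signed_mandate"}
    if any(mandate.get(k) != submitted.get(k) for k in PINNED):
        return {"decision": "review", "reason": "mandate_mismatch"}
    return verdict


def honor(verdict: Any, submitted: dict, execute: Callable,
          escalate: Callable, block: Callable):
    """Run exactly one handler; only an exact, intact approve reaches execute."""
    v = normalize(verdict, submitted)
    if v["decision"] == "approve":
        return execute(v["mandate"])
    if v["decision"] == "deny":
        return block(v.get("rejection_reasons", []))
    return escalate(v)


if __name__ == "__main__":
    # Constructed sample data, not real Fidacy output.
    sent = {"transaction_id": "abc", "payee": {"id": "merchant_42"},
            "payment_amount": {"amount": 4299, "currency": "EUR"},
            "payment_instrument": {"id": "pi_1", "type": "card"}}
    altered = {**sent, "payment_amount": {"amount": 429900, "currency": "EUR"},
               "risk_data": "constructed.jws.value"}
    print(honor({"decision": "approve", "mandate": altered}, sent,
                execute=lambda m: "paid", escalate=lambda v: v["reason"],
                block=lambda r: "blocked"))
```

This check only keeps the agent's own code path honest; it does not verify the JWS signature and does not replace the Payment Firewall described above.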
Spending a user's money? Add a budget
If your agent spends on behalf of a consumer, attach a spending_mandate to the same call: per-transaction caps, daily/monthly limits, allowed merchants, and a human-confirmation threshold. The gate enforces the user's budget in code, outside the agent. See Spend Guard.
```jsonc
// add to the /v1/assess body, off by default, most-restrictive wins
"spending_mandate": {
  "subject": { "user_id": "usr_123" },
  "per_transaction_max": { "amount": 10000, "currency": "EUR" },
  "daily_max": { "amount": 50000, "currency": "EUR" },
  "require_human_confirmation_above": { "amount": 7500, "currency": "EUR" }
}
```

Verify the receipt (no callback needed)
Every approve ships a signed Risk Payload (JWS). Any party (your backend, the merchant, an auditor) can verify it offline against the public JWKS, with zero calls back to Fidacy. This is the tamper-evident receipt that proves the decision was made.
Copy-paste verification code (Node + Python) is on the Verify a Payload page.
fky_test_… key for a fky_live_… one. Nothing else changes. Track usage and your tier at app.fidacy.com/billing.