AgentWeave is an open-source Python SDK providing cryptographic identity, mandatory mTLS, and policy-based authorization for AI agents. It is the trust and security infrastructure layer for agentic commerce.

How does AgentWeave secure agent-to-agent communication?

AgentWeave enforces mandatory mutual TLS (mTLS) on every connection. Every agent receives a cryptographic SPIFFE identity. The secure path is the only path — security cannot be bypassed.

What is agentic commerce?

Agentic commerce is the emerging $20.9B market where AI agents autonomously discover, negotiate, and complete purchases. AgentWeave provides the trust infrastructure this market requires.

Open Source · Apache 2.0 · Python 3.11+

The Trust Layer for
Agentic Commerce

Cryptographic identity, mandatory mTLS, and policy-based authorization for the $20.9B AI agent economy. Security that cannot be bypassed.

$ pip install agentweave

Get Started Star on GitHub

agent.py

from agentweave import SecureAgent, capability

class PurchaseAgent(SecureAgent):
    @capability("negotiate")
    async def negotiate(self, order: dict) -> dict:
        # Identity verified. mTLS enforced.
        # Authorization checked. Audit logged.
        return {"status": "accepted"}

agent = PurchaseAgent.from_config("config.yaml")
agent.run()

The Security Gap

The agent economy has a trust problem

$20.9B US agentic commerce
market in 2026 eMarketer

693% increase in AI traffic
to retail sites Adobe

40% agentic AI projects
cancelled due to risk Gartner

$15T B2B purchases via
AI agents by 2028 Gartner

Every one of these transactions needs verified identity, enforced authorization, and auditable trust.

Architecture

The security middleware for every agent protocol

Consumer Agents ChatGPT · Gemini · Copilot · Perplexity

Commerce Protocols ACP (OpenAI/Stripe) · UCP (Google/Shopify) · A2A

AgentWeave SPIFFE Identity · OPA Authorization · mTLS · Audit

Payment Layer Visa TAP · Mastercard Agent Pay · Stripe · PayPal

Infrastructure Cloudflare · Akamai · AWS/GCP/Azure · Kubernetes

Capabilities

Every component agents need to
transact with verifiable trust

Cryptographic Identity

SPIFFE-based workload identity gives every agent a non-forgeable credential. Automatic rotation. No shared secrets. The same standard Netflix, Uber, and Square use.

Read the docs →

Mandatory mTLS

Mutual TLS on every connection. No exceptions, no downgrades. TLS 1.3 enforced. The secure path is the only path — you cannot ship an insecure agent.

Read the docs →

Policy-Based Authorization

OPA-powered fine-grained access control. Default-deny in production. Policies as code in Rego. Every decision audited and traceable.

Read the docs →

A2A Protocol Native

First-class Linux Foundation A2A support. Agent Cards, capability discovery, JSON-RPC 2.0 messaging. Interoperate with any A2A-compatible system.

Read the docs →

Cross-Cloud Federation

SPIRE federation across trust domains. AWS to GCP to Azure. Vendor-neutral identity that works across organizational boundaries.

Read the docs →

Full Observability

OpenTelemetry-native metrics, distributed tracing, structured audit logs. Prometheus-compatible. See every interaction in production.

Read the docs →

Interoperability

Works with the emerging protocol ecosystem

Native

A2A Protocol

Linux Foundation standard. Agent Cards, capability discovery, JSON-RPC 2.0. First-class support built in.

Compatible

ACP

OpenAI + Stripe agentic commerce protocol. AgentWeave secures ACP connections with mTLS and identity.

Compatible

UCP

Google + Shopify universal commerce protocol. AgentWeave provides the trust layer regardless of wire protocol.

Why AgentWeave

Traditional agent security vs. AgentWeave

Traditional

API keys and shared secrets in headers
Plain HTTP or optional TLS, no peer verification
Authorization scattered in application code
No audit trail for agent transactions
Security bolted on, easily bypassed

AgentWeave

Cryptographic identity via SPIFFE — no secrets
Mandatory mTLS, every connection verified both ways
OPA policies as code, default-deny enforcement
Every decision audited with distributed tracing
Security is the architecture — cannot be bypassed

Quick Start

Ship a secure agent in minutes

Install

Python 3.11+ required.

pip install agentweave

Define capabilities

Identity, mTLS, and authorization are automatic.

from agentweave import SecureAgent, capability

class MyAgent(SecureAgent):
    @capability("greet")
    async def greet(self, name: str):
        return {"msg": f"Hello, {name}!"}

Configure & run

Point to your SPIFFE trust domain and OPA policies.

agent = MyAgent.from_config("config.yaml")
agent.run()

Read the Quick Start Guide →

The Trust Layer for
Agentic Commerce

The agent economy has a trust problem

The security middleware for every agent protocol

Every component agents need to
transact with verifiable trust

Cryptographic Identity

Mandatory mTLS

Policy-Based Authorization

A2A Protocol Native

Cross-Cloud Federation

Full Observability

Works with the emerging protocol ecosystem

A2A Protocol

ACP

UCP

Traditional agent security vs. AgentWeave

Traditional

AgentWeave

Ship a secure agent in minutes

Install

Define capabilities

Configure & run

Built on CNCF-graduated standards

Ready to secure
your agents?

The Trust Layer forAgentic Commerce

The agent economy has a trust problem

The security middleware for every agent protocol

Every component agents need totransact with verifiable trust

Cryptographic Identity

Mandatory mTLS

Policy-Based Authorization

A2A Protocol Native

Cross-Cloud Federation

Full Observability

Works with the emerging protocol ecosystem

A2A Protocol

ACP

UCP

Traditional agent security vs. AgentWeave

Traditional

AgentWeave

Ship a secure agent in minutes

Install

Define capabilities

Configure & run

Built on CNCF-graduated standards

Ready to secureyour agents?

The Trust Layer for
Agentic Commerce

Every component agents need to
transact with verifiable trust

Ready to secure
your agents?