What is may_act_grants and how does delegation work?

SharkAuth expresses delegation policy as structured data. Every grant is scoped to specific actions, resources, and time windows, and can be revoked or expired automatically when conditions change.

How does DPoP protect against token theft?

Every access token is cryptographically bound to the agent's private key via RFC 9449 DPoP. A stolen token is useless without the key, making replay attacks impossible by design.

What is act chain depth and why does it matter?

SharkAuth preserves the complete delegation chain across every agent hop. When agent A delegates to B who calls API C, the full provenance is surfaced in token introspection, eliminating 'the agent did it' dead ends.

How fast is cascade revocation?

Revoke any grant and every downstream token invalidates automatically. The change is indexed by grant_id and propagated through introspection in under 12 ms p99.

Can SharkAuth run offline or on edge devices?

Yes. It ships as a single static Go binary with embedded SQLite WAL. Deploy it next to your app, in a container, on a corporate VM, or an air-gapped edge. Or drop it on a $5 VPS. Backup is a single file copy.

What audit capabilities does SharkAuth provide?

Structured JSON audit logs, indexed by grant_id, subject, actor, and grant. Stream directly to your SIEM via events websocket. Compliance-ready out of the box.

The DPoP Revolution

Traditional bearer tokens are a security liability for autonomous agents. If an agent's memory is leaked, the token is as good as the user's password.

Enter DPoP

Demonstrating Proof-of-Possession (RFC 9449) ensures that the token is cryptographically bound to a specific keypair.

bash

# Example DPoP challenge response
shark auth --dpop-bind ./keys/agent.pem

Why it matters

Zero Leakage: Stolen tokens are useless without the private key.
Rotational Integrity: Keys can be rotated without user intervention.
Auditability: Every request is signed and verifiable.

The DPoP Revolution

Enter DPoP

Why it matters

WANT MORE UPDATES?