Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.goantiai.com/llms.txt

Use this file to discover all available pages before exploring further.

A delegation lets an agent act on behalf of a specific human user. The token includes the user’s identity, so the audit log shows both the agent and the human it was acting for.

How it works

Human user logs in → gets a session token

Agent exchanges human token for a delegated token

Delegated token contains:
  - agent identity
  - human identity (on_behalf_of)
  - scopes

Why it matters for compliance

With delegations, every agent action in your audit log is traceable to a specific human. This is required for SOC 2 compliance and the EU AI Act’s human oversight requirements.

Requesting a delegated token

curl -X POST https://api.antiailabs.com/oauth/token \
  -d "grant_type=urn:ietf:params:oauth:grant-type:token-exchange" \
  -d "subject_token=HUMAN_SESSION_TOKEN" \
  -d "requested_scope=db:read" \
  -d "client_id=YOUR_CLIENT_ID" \
  -d "client_secret=YOUR_CLIENT_SECRET"