Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.goantiai.com/llms.txt

Use this file to discover all available pages before exploring further.

A Just-in-Time (JIT) token is a short-lived credential your agent gets right when it needs to make an API call — valid for 10 minutes, scoped to exactly what the agent needs, and expiring automatically.

Why short-lived tokens?

With a long-lived API key, a compromised agent gives an attacker access until someone notices — hours or days. With JIT tokens, the window is at most 10 minutes. After that, the token expires and Anti AI can block re-authentication immediately.

The token lifecycle

1. Agent requests token (client_id + client_secret + scope)
2. Anti AI validates credentials
3. Anti AI checks policy — is this scope allowed?
4. Anti AI issues a signed JWT (expires in 10 min)
5. Agent uses token for API calls
6. Token expires — agent requests a new one automatically
The SDK handles steps 1–4 and 6 automatically.

Token lifetimes

SituationLifetime
Standard10 minutes
High-risk scopes (*:write, *:delete, *:admin)15 minutes max
Custom per-agent TTL5 minutes to 24 hours

Revocation

Revoke any token instantly from the dashboard or API. The SDK detects revocations within 15 seconds via background TRL polling.