Accept Cross-Tenant Delegation - Truthlocks Documentation

Accept Delegation

curl --request POST \
  --url https://api.truthlocks.com/v1/delegations/cross-tenant/accept \
  --header 'Content-Type: application/json' \
  --header 'X-API-Key: <api-key>' \
  --data '
{
  "agent_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "token": "<string>"
}
'

{
  "delegation_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "from_agent_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "to_agent_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "scopes": [
    "<string>"
  ],
  "ttl_seconds": 123,
  "conditions": {},
  "token": "<string>",
  "created_at": "2023-11-07T05:31:56Z",
  "expires_at": "2023-11-07T05:31:56Z"
}

POST

delegations

cross-tenant

Accept Delegation

curl --request POST \
  --url https://api.truthlocks.com/v1/delegations/cross-tenant/accept \
  --header 'Content-Type: application/json' \
  --header 'X-API-Key: <api-key>' \
  --data '
{
  "agent_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "token": "<string>"
}
'

{
  "delegation_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "from_agent_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "to_agent_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "scopes": [
    "<string>"
  ],
  "ttl_seconds": 123,
  "conditions": {},
  "token": "<string>",
  "created_at": "2023-11-07T05:31:56Z",
  "expires_at": "2023-11-07T05:31:56Z"
}

Accepts a pending cross-tenant trust delegation offer. Once accepted, the accepting agent gains the delegated scopes for the duration specified in the original offer. The acceptance event is recorded in the transparency log with a cryptographic receipt. Only agents within the target tenant specified in the original offer can accept it. The offer must still be in offered status and not yet expired.

Authentication

X-API-Key

string

required

API key with delegations:accept scope. Alternatively, pass a Bearer JWT token in the Authorization header.

X-Tenant-ID

string

required

Tenant identifier of the accepting party. Must match the target_tenant_id from the original offer.

Path Parameters

string

required

Delegation offer identifier (e.g. deleg_01HXYZ4A5B6C7D8E9F).

Request

accepted_by_agent_id

string

required

MAIP agent identifier of the agent accepting the delegation. Must belong to the target tenant.

Response

string

Delegation identifier.

status

string

Updated status. active upon successful acceptance.

offered_by_agent_id

string

The agent that created the original offer.

offered_by_tenant_id

string

Tenant of the offering agent.

accepted_by_agent_id

string

The agent that accepted the delegation.

accepted_by_tenant_id

string

Tenant of the accepting agent.

scopes

string[]

Delegated permission scopes now active for the accepting agent.

max_depth

integer

Maximum re-delegation depth.

accepted_at

string

ISO 8601 timestamp when the delegation was accepted.

expires_at

string

ISO 8601 timestamp when the delegation will automatically expire.

receipt_id

string

Transparency-log receipt anchoring this delegation acceptance event.

Authorizations

X-API-Key

string

header

required

API key for machine-to-machine authentication

Path Parameters

delegationId

string<uuid>

required

Delegation identifier

Body

application/json

agent_id

string<uuid>

required

Accepting agent (must match to_agent_id)

token

string

required

Delegation acceptance token from the offer

Response

Delegation accepted

delegation_id

string<uuid>

from_agent_id

string<uuid>

to_agent_id

string<uuid>

scopes

string[]

ttl_seconds

integer

conditions

object

status

enum<string>

Available options:

offered,

active,

expired,

revoked

token

string

Delegation acceptance token (returned on offer)

created_at

string<date-time>

expires_at

string<date-time>

Offer Cross-Tenant Delegation List MAIP Policies

​Authentication

​Path Parameters

​Request

​Response

Authorizations

Path Parameters

Body

Response

Authentication

Path Parameters

Request

Response