a1-ai 2.8.0

A1 — The cryptographic identity and authorization layer that turns anonymous AI agents into accountable, verifiable entities. One Identity. Full Provenance.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110

# A1 Gateway — Environment Configuration
# Copy this file to .env and fill in the values before starting the gateway.
#
# Quickstart:
#   cp .env.example .env
#   # Edit the values below, then:
#   docker compose up -d

# ── Required for production ──────────────────────────────────────────────────
# Generate these once and store them in your secrets manager.
# Without these, keys are ephemeral (lost on restart) and tokens are
# invalidated every time the gateway restarts.

# 32-byte hex Ed25519 seed for the gateway's signing identity.
# Generate: openssl rand -hex 32
A1_SIGNING_KEY_HEX=

# 32-byte hex HMAC key for VerifiedToken receipts.
# Generate: openssl rand -hex 32
A1_MAC_KEY_HEX=

# Bearer token for admin endpoints (cert issuance, batch revocation, swarm management).
# Without this, admin endpoints are unprotected. REQUIRED in production.
A1_ADMIN_SECRET=

# ── Storage backends (pick one) ──────────────────────────────────────────────
# Without a persistent backend, revocation state is lost on restart — a revoked
# cert becomes valid again after the gateway restarts. This is a security issue
# in production. Use Redis or Postgres.

# Redis (recommended for low-latency, high-throughput deployments)
A1_REDIS_URL=redis://localhost:6379/0

# Postgres (required by docker-compose; also used for nonce + revocation store)
# A1_PG_PASSWORD is required by docker/docker-compose.yml
A1_PG_PASSWORD=
A1_PG_URL=postgres://a1:${A1_PG_PASSWORD}@localhost:5432/a1db

# ── Network ──────────────────────────────────────────────────────────────────
# Bind address for the gateway HTTP server.
GATEWAY_ADDR=0.0.0.0:8080

# Public base URL — used in the .well-known/a1-configuration discovery document
# and in DID document resolution. Set to your public domain in production.
A1_PUBLIC_BASE_URL=http://localhost:8080

# CORS — set to "*" for dev, or your specific frontend origin in production.
A1_CORS_ALLOWED_ORIGIN=

# If the gateway runs behind a reverse proxy (nginx, Fly.io, Cloudflare), set
# the header the proxy uses to forward the real client IP.
# Options: x-forwarded-for, fly-client-ip, cf-connecting-ip
A1_TRUSTED_PROXY_MODE=

# Per-IP rate limit (requests per second). Default: 500.
A1_RATE_LIMIT_RPS=500

# ── Webhooks ─────────────────────────────────────────────────────────────────
# A1 can POST audit events to your webhook endpoint.
# Leave blank to disable webhooks.
A1_WEBHOOK_URL=
A1_WEBHOOK_SECRET=

# ── JWT bridge (OIDC / SSO) ──────────────────────────────────────────────────
# Enables /v1/jwt/exchange — lets your existing OIDC tokens bootstrap delegation
# chains without a manual key ceremony.
# A1_JWT_JWKS_URL:     the JWKS endpoint of your identity provider
# A1_JWT_ALLOWED_CAPS: comma-separated capability allowlist for JWT-exchanged certs
A1_JWT_JWKS_URL=
A1_JWT_ALLOWED_CAPS=

# ── Delegation negotiation ───────────────────────────────────────────────────
# Controls which capabilities /v1/negotiate may issue.
# Leave blank and set ALLOW_ALL=1 for dev/staging only.
A1_NEGOTIATE_CAPABILITIES=
A1_NEGOTIATE_ALLOW_ALL=

# ── Multi-tenant ─────────────────────────────────────────────────────────────
# Set to true to enable X-A1-Tenant-ID header enforcement.
A1_MULTI_TENANT=false

# Set to true to reject requests that are missing the tenant header.
A1_TENANT_REQUIRED=false

# Comma-separated list of permitted tenant IDs.
# Leave blank to allow all tenant IDs.
A1_TENANT_ALLOWLIST=

# ── AI proxy (A1 Studio) ─────────────────────────────────────────────────────
# Anthropic API key — enables the /v1/ai/chat proxy used by the Studio AI assistant.
# Leave blank to disable the AI assistant in Studio.
A1_AI_KEY=

# Path to a compiled studio/index.html on disk. When set, the gateway serves
# this file instead of the version compiled into the binary. Useful for updating
# Studio without rebuilding the Docker image — just restart the gateway.
A1_STUDIO_PATH=

# ── Chain depth and automagic ────────────────────────────────────────────────
# Maximum number of certs allowed in a single delegation chain. Default: 8.
# Increase for deep multi-agent orchestration trees.
A1_MAX_CHAIN_DEPTH=8

# Set to "1" to enable automagic mode — the gateway auto-issues delegation
# certs on behalf of agents that present a valid root passport. Dev/staging only.
AUTOMAGIC_MODE=

# ── Observability ────────────────────────────────────────────────────────────
# Log filter. Use "a1_gateway=debug,a1=trace" for verbose output.
RUST_LOG=a1_gateway=info,tower_http=info