macp-auth 0.4.0

MACP authentication: request identity derivation, the security layer (rate limits, payload limits), and bearer/JWT auth resolvers.

Documentation

Coverage
7.41%
4 out of 54 items documented0 out of 23 items with examples
Size
Source code size: 117.29 kB This is the summed size of all the files inside the crates.io package for this release.
Documentation size: 1.61 MB This is the summed size of all files generated by rustdoc for all configured targets
Ø build duration
this release: 26s Average build duration of successful builds.
all releases: 26s Average build duration of successful builds in releases after 2024-10-23.
Links
multiagentcoordinationprotocol/runtime
0 0 0
crates.io
Dependencies
Versions
- 0.4.0 (2026-06-24)
Owners

macp-auth

The authentication and security layer of the Multi-Agent Coordination Protocol (MACP) reference runtime.

Provides:

request identity derivation (the authenticated identity becomes the Envelope.sender; self-asserted senders are never trusted)
the security layer: per-sender rate limits and payload-size enforcement
a pluggable bearer-token resolver chain — JWT bearer (signature, issuer, audience, and expiration validated against a JWKS) and static bearer tokens, with a dev-mode fallback for local development

This crate confines jsonwebtoken and reqwest so the rest of the workspace stays free of them. It is part of the macp-runtime workspace and depends on macp-core.

License

Licensed under the Apache License, Version 2.0.