AI Identity
Sign inGet a Passport
← All integrations
A2A
Spec / Integrations

A2A

Google's Agent-to-Agent (A2A) protocol uses an AgentCard to advertise an agent's identity, skills, and authentication. Bind your AI Identity Passport in the AgentCard so peer agents can verify the operator before initiating a task.

google.github.io/A2A/

1Issue an AI Identity

If you haven't already, create an identity for this agent in the dashboard. Free for the first identity per account.

Issue identity

2Register your surface

On the identity's edit page, add the agent's endpoint to Surfaces using the a2a scheme:

Surface format
a2a://{your-agent-host}
Example
a2a://agent.example.com

3Carry the Passport in A2A

Click Issue Passport on the identity detail page to generate a signed token. Then drop it into your A2A agent using one of the snippets below. Replace <PASSPORT_TOKEN> and <IDENTITY_ID> with the values shown in the dashboard.

AgentCard at /.well-known/agent.json
json
Add the `aiidentity` extension alongside the standard A2A fields.
{
  "name": "Travel Planning Agent",
  "url": "https://agent.example.com",
  "version": "2.1.0",
  "skills": [ /* ... */ ],
  "authentication": { /* ... */ },
  "extensions": {
    "aiidentity": {
      "id": "<IDENTITY_ID>",
      "passport": "<PASSPORT_TOKEN>",
      "registry": "https://aiidentity.org"
    }
  }
}
Per-task message envelope (recommended)
json
Include the Passport in the task's `metadata` so the receiving agent can re-verify per task.
{
  "taskId": "task_abc",
  "message": { "role": "user", "parts": [ /* ... */ ] },
  "metadata": {
    "aiidentity_passport": "<PASSPORT_TOKEN>"
  }
}

How verifiers consume this

Receiving agents pull the AgentCard before initiating any A2A session, read `extensions.aiidentity.passport`, and verify it. Per-task verification (the second snippet) is recommended for long-running multi-agent flows where Passport rotation may occur.

← All integrations
Read the core specIssue identity