Built it in someone else's portal? Same answer.
Custom GPTs, Gemini Gems, Claude Projects, Poe bots, Cursor, Claude Code, Vapi, Retell, Zapier, Make, n8n, Lindy — anything where you don't run the server. There's one universal pattern, then a few platform- specific notes below.
The universal pattern
Wherever your assistant has a description, bio, system prompt, or “about” field, paste this on its own line:
AI Identity: aii://<your-id> · verify at aiidentity.org/p/<your-id>If your platform also lets you set custom HTTP headers on outbound calls (most do), set X-AI-Identityto your Passport token so verifiers can confirm cryptographically. Then come back to your dashboard and submit the public link to your assistant — we'll confirm the binding (usually within minutes).
Custom GPTs, Gemini Gems, Claude Projects, Poe bots — assistants you build in someone else's portal.
The 'Description' field of your Custom GPT (visible to anyone who opens it).
1. Open your Custom GPT in the GPT Builder.
2. Edit → Configure → "Description".
3. Append on a new line:
AI Identity: aii://<IDENTITY_ID> · verify at aiidentity.org/p/<IDENTITY_ID>
4. Save. Share your GPT link in /dashboard/identities/<IDENTITY_ID>/website
so we can fetch it and confirm. Done in ~30 seconds.
If your GPT has Actions, your Action server should also send the
X-AI-Identity header on responses (see /spec/integrations/http).gpt:{gpt-share-id}gpt:g-abc123XYZWe fetch your Custom GPT's public share page and look for the AI Identity reference in the visible description. Re-checked weekly so revoked identities can't linger.
The Gem's 'Description' field.
1. gemini.google.com → Gems → your Gem → Edit.
2. In "Description", append on a new line:
AI Identity: aii://<IDENTITY_ID> · verify at aiidentity.org/p/<IDENTITY_ID>
3. Save. Submit the Gem's share URL in your dashboard.
For Gems that call Vertex AI extensions, the extension endpoint should
also serve the X-AI-Identity header on every response.gem:{gem-share-id}gem:abc123XYZWe fetch the Gem's public share page and look for the reference in its rendered description.
Claude Project
Anthropic Claude Projects — shared workspaces with custom instructions.
The Project's 'Custom instructions' field.
1. Open your Project in claude.ai → Settings → "Custom instructions".
2. Append on a new line:
AI Identity: aii://<IDENTITY_ID> · verify at aiidentity.org/p/<IDENTITY_ID>
3. If the Project is shared, paste the share URL in your dashboard so we
can verify the reference is live.
Claude Projects don't yet expose a public-share API, so verification
runs via a screenshot/manual review on first registration. Once Anthropic
ships public Projects we'll switch to automated re-verification.claude-project:{share-id}claude-project:p-abc123Manual first-time review (screenshot + share link), then trust on file. Switching to automated when public-share APIs land.
The bot's 'Description' field.
1. poe.com → your bot → Edit bot.
2. In "Description", append:
AI Identity: aii://<IDENTITY_ID>
3. Save. We confirm via Poe's public bot page.poe:@{handle}poe:@AcmeBotWe fetch poe.com/<handle> and confirm the reference is rendered in the visible description.
Claude Code, Cursor, and other AI-first dev tools that act on your behalf.
Claude Code
Anthropic's coding agent — runs locally but acts on behalf of a developer/team.
Project-level CLAUDE.md or .claude/identity.json.
1. In your repo root, add a CLAUDE.md (Claude Code reads this on every session):
---
ai-identity: aii://<IDENTITY_ID>
passport: <PASSPORT_TOKEN>
---
2. Or use a dedicated .claude/identity.json file (preferred for org-wide rollout):
{
"ai_identity": "<IDENTITY_ID>",
"passport": "<PASSPORT_TOKEN>",
"registry": "https://aiidentity.org"
}
3. When Claude Code makes outbound HTTP calls (tool calls, MCP, fetch),
it includes the X-AI-Identity header automatically once configured.claude-code:{repo-slug}claude-code:acme/api-serverAnthropic does not expose a public-fetch endpoint for individual Claude Code sessions; verification runs via the X-AI-Identity header on outbound HTTP calls captured by your verifier.
Project-level .cursor/identity.json or .cursorrules.
1. In your repo, add .cursor/identity.json:
{
"ai_identity": "<IDENTITY_ID>",
"passport": "<PASSPORT_TOKEN>"
}
2. Or append to .cursorrules:
AI-Identity: aii://<IDENTITY_ID>
3. When Cursor's agent makes outbound calls (Composer / Background Agent /
tool use), include the X-AI-Identity header on your tool servers so the
binding is visible to verifiers.cursor:{repo-slug}cursor:acme/frontendSame as Claude Code — via outbound headers from the agent's tool calls. Cursor doesn't yet expose a remote-fetch endpoint per project.
Phone-based AI agents from Vapi, Retell, ElevenLabs Conversational.
The agent's 'Server URL' (Vapi posts every call event there). Add the header in your handler.
1. In your Vapi dashboard, set the agent's Server URL to your endpoint.
2. In your handler (whatever framework), set the response header on every
reply so downstream verifiers can confirm the agent's identity:
X-AI-Identity: <PASSPORT_TOKEN>
3. Also fill the agent's "Bio" field with:
AI Identity: aii://<IDENTITY_ID>
so callers who look up the agent in Vapi's public directory see the link.
For inbound phone numbers, also register the surface as wa:+{number} or
tel:+{number} so verifiers can resolve from the phone number alone.vapi:{agent-id}vapi:01H7XQ...Verifiers read the X-AI-Identity header on Server URL responses, plus the public Bio field via Vapi's directory.
Webhook handler response header + the agent's public name field.
Identical pattern to Vapi:
1. Webhook responses include X-AI-Identity: <PASSPORT_TOKEN>
2. Agent's public-facing name/bio includes:
AI Identity: aii://<IDENTITY_ID>retell:{agent-id}retell:agent_abcWebhook header + agent's public-facing name field.
Agent's 'First message' / 'System prompt' (visible to operators) plus webhook headers.
1. In the ElevenLabs Conversational dashboard, edit the agent's system
prompt and append:
Operator's AI Identity: aii://<IDENTITY_ID>
2. If you've configured a webhook for tool calls, set X-AI-Identity on
every response.elevenlabs:{agent-id}elevenlabs:abc123Tool-webhook header + manual review of the public agent share link if one is exposed.
Zapier, Make, n8n, Lindy — workflow agents that fire on triggers.
Webhook responses + Zap description.
1. For Zaps that call external APIs, set the X-AI-Identity header on
any HTTP step's request configuration.
2. Add the AI Identity reference to the Zap's title/description so
teammates and auditors can see it.zapier:{zap-id}zapier:01H7XQ...Outbound HTTP header from the Zap's tool calls.
HTTP module headers + scenario description.
1. In each HTTP module's "Headers" config, add:
X-AI-Identity: <PASSPORT_TOKEN>
2. In the scenario description, note the identity reference for audit:
AI Identity: aii://<IDENTITY_ID>make:{scenario-id}make:1234567Outbound HTTP header from scenario calls.
HTTP Request node headers + workflow notes.
1. On every HTTP Request node, add:
X-AI-Identity: <PASSPORT_TOKEN>
(recommend a credential so it's set once across all workflows)
2. Add the identity reference to the workflow's notes/description.n8n:{workflow-id}n8n:wf_abcOutbound HTTP header.
Agent description + outbound HTTP headers on Action steps.
1. In the Lindy dashboard, edit the agent's description and append:
AI Identity: aii://<IDENTITY_ID>
2. For Action steps that call external APIs, configure the
X-AI-Identity header on the request.lindy:{agent-id}lindy:abc123Outbound HTTP header + agent description if shared.
Your platform isn't listed — use the universal pattern.
Anything else
Your platform isn't listed yet — use the universal pattern.
Whichever public-facing text field your platform exposes.
Wherever your assistant has a description, bio, system prompt, or
"about" field, paste this on its own line:
AI Identity: aii://<IDENTITY_ID> · verify at aiidentity.org/p/<IDENTITY_ID>
If your platform also lets you add custom HTTP headers on outbound
calls, set:
X-AI-Identity: <PASSPORT_TOKEN>
Then submit the public link to your assistant in your dashboard. We'll
do a manual first-time verification and add the platform to this list
if there's enough demand.{platform}:{handle-or-id}myplatform:my-agentManual first-time review, then trust on file. We add platforms to the auto-verify list as adoption grows.