Spec / Integrations

OpenCLAW

OpenCLAW agents expose a public manifest describing their tools, scopes, and operator. Add an `aiidentity` block so verifiers can cryptographically confirm the agent's identity and operator before invoking any action.

openclaw.org

1Issue an AI Identity

If you haven't already, create an identity for this agent in the dashboard. Free for the first identity per account.

Issue identity

2Register your surface

On the identity's edit page, add the agent's endpoint to Surfaces using the openclaw scheme:

Surface format

openclaw://{your-agent-host}

Example

openclaw://agents.example.com/support-bot

3Carry the Passport in OpenCLAW

Click Issue Passport on the identity detail page to generate a signed token. Then drop it into your OpenCLAW agent using one of the snippets below. Replace <PASSPORT_TOKEN> and <IDENTITY_ID> with the values shown in the dashboard.

Add to your CLAW manifest

json

Drop this block at the top level of your /.well-known/openclaw.json manifest.

{
  "name": "Support Bot",
  "version": "1.4.0",
  "tools": [ /* ... */ ],
  "aiidentity": {
    "id": "<IDENTITY_ID>",
    "passport": "<PASSPORT_TOKEN>",
    "registry": "https://aiidentity.org",
    "verify": "https://aiidentity.org/api/v1/verify"
  }
}

Per-call header (optional, for stronger replay protection)

http

Some CLAW deployments rotate Passports per-session. If you do, include the header on every tool-call response.

HTTP/1.1 200 OK
Content-Type: application/json
X-AI-Identity: <PASSPORT_TOKEN>

{ "result": ... }

How verifiers consume this

A verifier fetches /.well-known/openclaw.json, reads the `aiidentity.passport` claim, and POSTs it to https://aiidentity.org/api/v1/verify (or any compatible verifier). The 200 response confirms the operator, tier, and which surfaces are bound to this identity.

← All integrations

Read the core spec Issue identity