A signature, not a prompt
A named person approves the exact action — payee and amount — on a phishing-resistant passkey. Not a click you can phish.
Limits that hold over time
Per action, a running total, and how many times — the agent can't drift past them. Money is just one example.
A short leash, not standing power
Authority is scoped to one job and expires fast. No standing keys left lying around.
Proof, not promises
Every request, approval, denial, and action lands in a signed, tamper-evident trail — any change is detectable.
We verify which agent is asking — that's table stakes — then govern what it's allowed to do.
The use case — an accounts-payable agent paying vendors
Routine payments run on the agent's own authority. A high-value payment pauses for a named human to approve the exact payee and amount on their passkey — then every step is recorded.
The control sits outside the agent. Even if the agent is wrong, mis-prompted, or compromised, it can't bypass the human approval, the limits, the expiry, or the signed evidence trail.
Run the demo
1Pick a situation
Short-term access
Act for you for a short time while you're here. Self-expires.
Ongoing access
Work on its own, within set limits, until you remove access.
Agent asks first
The agent asks when it needs access; you approve with your passkey.
2The limits the human granted
These are set when the human authorizes the access in the portal — the console only redeems it.
3Authorize & run
4Drive payments
5Live run
Pick a situation and start the agent — each step appears here as a card.
What the business gets from action-level control
Faster agent rollout
Lower blast radius
Cleaner audit
Overlay on existing IAM — no rip-and-replace
Clear human accountability
This isn't a new AI experiment — it's the control layer that lets existing AI experiments graduate safely: put control in front of one agent, prove the pattern, then scale to more teams and workflows without ripping out your current stack.