JSON Schemas

Formal JSON Schema definitions for the Agent Authorization Profile. These schemas provide machine-readable validation for AAP tokens and enable automatic interoperability testing.

Key Features

✓JSON Schema Draft 2020-12 - Latest schema standard with full feature support
✓Formal ABNF Grammar - Action names validated against RFC-style grammar
✓Precise Constraint Semantics - Rate limits, domain restrictions, time windows with clear enforcement rules
✓Modular Design - Component schemas can be validated independently

Core Token Schema

AAP Token

Download

Complete schema for AAP JWT payload. Validates all required and optional claims.

aap-token.schema.json

Component Schemas

Agent Identity

Download

agent

Agent identity claim with id, type, operator, and model information.

Task Binding

Download

task

Task context including id, purpose, and creator information.

Capabilities

Download

capabilities

Array of capabilities with action names and constraints.

Constraints

Download

Rate limits, domain restrictions, time windows, and data constraints.

Oversight

Download

oversight

Human oversight requirements and approval workflows.

Delegation

Download

delegation

Delegation chain tracking with depth and lineage.

Context

Download

context

Execution context including environment and runtime metadata.

Audit

Download

audit

Audit logging requirements and compliance frameworks.

Usage Examples

JavaScript / Node.js

// Node.js example using ajv
const Ajv = require('ajv');
const addFormats = require('ajv-formats');

const ajv = new Ajv();
addFormats(ajv);

// Load schemas
const tokenSchema = require('./aap-token.schema.json');
const agentSchema = require('./aap-agent.schema.json');

// Add schemas to validator
ajv.addSchema(agentSchema);
ajv.addSchema(taskSchema);

// Validate a token
const validate = ajv.compile(tokenSchema);
const valid = validate(tokenPayload);

if (!valid) {
  console.error('Validation errors:', validate.errors);
}

Python

# Python example using jsonschema
import jsonschema
import json

# Load schemas
with open('aap-token.schema.json') as f:
    token_schema = json.load(f)

# Create resolver for $ref
resolver = jsonschema.RefResolver.from_schema(
    token_schema,
    store={
        'aap-agent.schema.json': agent_schema,
    }
)

# Validate token
try:
    jsonschema.validate(
        instance=token_payload,
        schema=token_schema,
        resolver=resolver
    )
    print("Token is valid")
except jsonschema.ValidationError as e:
    print(f"Validation error: {e.message}")

Constraint Semantics

Constraint	Type	Semantics
`max_requests_per_hour`	integer	Fixed hourly window, resets at minute 0
`max_requests_per_minute`	integer	Sliding 60-second window
`domains_allowed`	array[string]	DNS suffix matching (rightmost)
`time_window`	object	Inclusive start, exclusive end (ISO 8601)
`max_depth`	integer	Maximum delegation depth (0-10)

Multiple constraints: Within a capability, all constraints use AND semantics (all must pass). Multiple capabilities with the same action use OR semantics (any matching capability allows).

CLI Validation

Using ajv-cli (JavaScript)

npx ajv validate -s schemas/aap-token.schema.json -d token.json --spec=draft2020

Using jsonschema (Python)

python -m jsonschema schemas/aap-token.schema.json -i token.json

Download All Schemas

Get all JSON Schema files for offline validation and integration testing.

View on GitHub →

Related Resources

Complete Specification

Read the full AAP protocol specification

Test Vectors

80+ test cases for validation testing

Reference Implementation

Working AS and RS code examples