Getting Started
The Agwai API is organized around signed mandates. Your app submits a user IntentMandate, an agent CartMandate, and a rail preference; Agwai verifies policy, revocation state, and signatures before returning an authorization proof.
https://api.agwai.devAuthentication
Authenticate your API requests by including your API key in the Authorization header. You can find your API keys in the Dashboard.
curl https://api.agwai.dev/v1/authorize \
-H "Authorization: Bearer sk_live_your_api_key" \
-H "Content-Type: application/json"Security Notice
Keep your API keys secure. Do not share them in publicly accessible areas such as GitHub or client-side code.
API Reference
Explore the full list of available endpoints.
Example: Authorize an Agent Payment
Here's a simplified version of the flow from the technical demo: user mandate, cart mandate, policy check, and rail authorization.
curl -X POST https://api.agwai.dev/v1/authorize \
-H "Authorization: Bearer sk_live_..." \
-H "Content-Type: application/json" \
-d '{
"intent_mandate": "jws_user_signed_ap2_intent",
"cart_mandate": "jws_agent_signed_cart",
"rail": "account_to_account",
"amount": { "currency": "AED", "value": "349.00" },
"merchant": "approved_merchant"
}'Response
{
"decision": "ALLOW",
"rail": "account_to_account",
"custody": "none",
"authorization_jws": "eyJhbGciOiJFZERTQSJ9...",
"proof_id": "mep_8x9y2z3a4b5c",
"audit_hash": "sha256:7d2f...",
"created_at": "2026-06-30T10:30:00Z"
}Webhooks
Agwai can send webhook events when a mandate is exercised, revoked, blocked, settled, or attached to a dispute workflow.
mandate.exercisedmandate.revokedauthorization.step_upproof.createdRate Limits
The API has rate limits to ensure fair usage and system stability.
| Plan | Requests/min | Requests/day |
|---|---|---|
| Starter | 60 | 1,000 |
| Growth | 300 | 10,000 |
| EnterpriseRECOMMENDED | Unlimited | Unlimited |
Need help?
Our team is here to help you integrate Agwai into your application.