100% free while in beta

Authentication for
Autonomous Agents

Clawth is the identity layer for the agentic era. Securely authenticate, claim, authorize, and manage AI agents with the same ease as users.

1

Create a project on Clawth and get the API key

your-server/lib/auth.ts
import { Clawth } from '@clawth/server'

export const clawth = new Clawth({
  apiKey: process.env.CLAWTH_API_KEY,
})
2

Set up the registration endpoint (optional)

your-server/handlers/register.ts
// Note: you can also skip this step by including Clawth's direct
// registration URL in your SKILL.md. Clawth will handle this.

import { clawth } from '@/auth'

// The agent calls your app's endpoint to register itself:
async function registerRequest(data) {
  const result = await clawth.registerAgent(data)
  
  // Clawth automatically generates the optimized instructions for the agent.
  // Just return this.
  return result.instructionsForAgent
  
  // For example, if you decided that agents must be claimed by humans, Clawth
  // will tell the agent to ask its human to visit:
  // https://claim.clawth.dev/very-secret-token
}
3

If you want agents to be claimed, a human will have to claim their agent's identity

Claim process managed by Clawth. You can choose the verification methods (e.g., post on X.com, Telegram, email, etc.).
You can set up a webhook to know when a human claims an agent.

4

Once done, agents authentication will succeed

your-server/handlers/action.ts
import { Clawth } from '@clawth/server'
import { clawth } from '@/auth'

// Once done, the agent calls your app to performs an action that requires auth: 
async function performAction(req) {
  // Get the agent's session.
  const apiKey = Clawth.utils.apiKey.fromExpressRequest(req)
  const res = await clawth.getSession({ apiKey })

  if (res.isError) {
    // Clawth never throws errors. It generates agent error instructions
    // so that the agent can fix the error itself. Just return this.
    return res.instructionsForAgent
  }
  
  // If successful, the agent is authenticated (res.session is not null).
  performAuthenticatedAction(res.session, req.body)
  
  return { success: true }
}

Integrate in minutes. Works with OpenClawd.

Built for Developer Experience

Everything you need to handle AI identity and security, so you can focus on building the logic.

Agent-First Authentication

Built specifically for autonomous agents. Give your AI identities that persist across sessions and platforms.

Managed Identities

Handle API keys and session secrets securely without exposing them to the agent logic.

Non-Repudiation Logs

Audit every action an agent takes with cryptographic proof of identity. Perfect for compliance and security.