Skip to content

Add AgentID authorization contract example#2572

Open
dinpd wants to merge 1 commit into
github:mainfrom
dinpd:agentid-provider-auth-contract-example
Open

Add AgentID authorization contract example#2572
dinpd wants to merge 1 commit into
github:mainfrom
dinpd:agentid-provider-auth-contract-example

Conversation

@dinpd

@dinpd dinpd commented May 29, 2026

Copy link
Copy Markdown

Summary

Adds an optional AgentID provider authorization contract example for enterprise gateways routing GitHub MCP Server traffic.

Why

This documents a complementary pattern for organizations that want per-tool blast-radius metadata, required context, approval/JIT requirements, and scoped receipt bindings before forwarding high-risk agent-originated GitHub MCP tool calls.

Fixes #

What changed

  • Added docs/agentid-provider-contract.md with an illustrative AgentID provider contract for selected read/write GitHub MCP tools.
  • Linked the example from docs/policies-and-governance.md alongside existing governance controls.

MCP impact

  • No tool or API changes
  • Tool schema or behavior changed
  • New tool added

Docs-only change. This does not alter exposed tools, server behavior, authentication, or authorization enforcement.

Prompts tested (tool changes only)

  • N/A, docs-only change.

Security / limits

  • No security or limits impact
  • Auth / permissions considered
  • Data exposure, filtering, or token/size limits considered

The example states that GitHub API authorization remains the final enforcement point, and that this pattern complements existing toolsets, read-only mode, token scopes, and native permission checks.

Tool renaming

  • I am renaming tools as part of this PR
    • I have added the new tool aliases in deprecated_tool_aliases.go
  • I am not renaming tools as part of this PR

Lint & tests

  • Linted locally with ./script/lint
  • Tested locally with ./script/test

Not run; docs-only change. Ran git diff --check locally.

Docs

  • Not needed
  • Updated (README / docs / examples)
@dinpd dinpd requested a review from a team as a code owner May 29, 2026 14:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

1 participant