Agent identity
Bind the request to the platform worker, customer tenant, repo, PR, commit, and target branch.
Parallel coding agents
When your product turns tickets into agent-authored PRs, merges, deploys, or workflow changes, enterprise customers need proof that each high-risk action was authorized.
const decision = await permissionProtocol.verify({
actor: "agent:platform-worker-42",
action: "github.pull_request.merge",
resource: "repo:customer/payments-api:main",
context: {
pr: 1047,
commit: "9f2c1a7",
risk: "production-impacting",
source: "ticket-to-pr-agent"
}
});
if (!decision.authorized) {
throw new Error("Signed authorization receipt required");
}Bind the request to the platform worker, customer tenant, repo, PR, commit, and target branch.
Let low-risk actions proceed and require signer authority when the action can affect production.
Return a receipt the customer can attach to CI, audit, incident review, or enterprise security review.
Where it fits
Permission Protocol gives your platform a concrete answer before the next merge, deploy, workflow mutation, or database change.