The third question

Permission and action are not enough on their own.

The commitment

A signed assertion of what an agent is authorized to do — the scope, the limits, and who delegated it.

The binding

The commitment is cryptographically bound to the ORS receipt that records what the agent then did, so authority and action are linked.

Works with your identity stack

Mandate sits on top of identity. It does not replace it. Identity and Access Management (IAM) systems — Okta, Microsoft Entra, OAuth, JWTs — authenticate the principal and grant access. They do not record the scope of authority a principal delegated to an agent, or bind that scope to what the agent did. Mandate adds that layer on top.

Authority layer

OpenTerms Mandate

Records the scoped authority a principal delegated to an agent, and binds it to the receipt of what the agent did.

Records delegated authority

▴ builds on ▴

Identity & access layer

Your IAM — Okta, Entra, OAuth, JWT

Authenticates the principal and grants access to resources. The foundation Mandate builds on.

Authenticates, grants access

The two layers do different things. IAM answers "who is this and what may they reach." Mandate answers "what authority did they delegate to the agent, and did the agent stay within it." Mandate does not issue identity, authenticate principals, or replace OAuth, JWTs, or your existing authorization systems.

The commitment format

A scoped, signed, bindable record. Each mandate commitment is a signed assertion with a defined scope and limits. It is designed to bind to the receipt that records the action taken under it — the format and SDK exist today.

// mandate.commitment
{
  "mandate_version": "0.1",
  "agent_id": "agent_7f3a9c",
  "delegated_by": "principal_4a2f",
  "scope": ["purchase", "refund"],
  "limits": {
    "per_action_max": 5000,
    "currency": "USD"
  },
  "expires": "2026-06-30T00:00Z",
  "bound_receipt": "sha256:c4d3e2…"
}
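
An added example, not OpenTerms code or its SDK: a fail-closed check of one proposed action against the scope, limits and expiry fields shown above, plus a digest comparison for the receipt binding. It assumes the commitment's signature has already been verified, and that `bound_receipt` is `sha256:` followed by the hex digest of the receipt bytes; the function names, violation labels and sample receipt are constructed for illustration.

```python
import hashlib
import hmac
from datetime import datetime, timezone

# Constructed sample modelled on the page's commitment fields. The digest is
# computed here because the page's bound_receipt value is elided.
RECEIPT = b'{"action":"purchase","amount":1200,"currency":"USD"}'  # constructed
COMMITMENT = {
    "mandate_version": "0.1",
    "agent_id": "agent_7f3a9c",
    "delegated_by": "principal_4a2f",
    "scope": ["purchase", "refund"],
    "limits": {"per_action_max": 5000, "currency": "USD"},
    "expires": "2026-06-30T00:00Z",
    "bound_receipt": "sha256:" + hashlib.sha256(RECEIPT).hexdigest(),
}

def check_action(commitment, action, amount, currency, when):
    """Return a list of violations; an empty list means the action is within
    the delegated authority. `when` must be a timezone-aware datetime."""
    violations = []
    if action not in commitment.get("scope", []):
        violations.append("action_out_of_scope")
    limits = commitment.get("limits", {})
    if currency != limits.get("currency"):
        violations.append("currency_mismatch")
    # A missing limit defaults to 0, so any positive amount is refused.
    elif amount <= 0 or amount > limits.get("per_action_max", 0):
        violations.append("per_action_limit_exceeded")
    # Older Python versions do not parse a trailing "Z", so normalise it.
    expires = datetime.fromisoformat(commitment["expires"].replace("Z", "+00:00"))
    if when >= expires:
        violations.append("commitment_expired")
    return violations

def receipt_matches(commitment, receipt_bytes):
    """Assumed binding: bound_receipt == 'sha256:' + hex digest of the receipt."""
    algo, _, digest = commitment.get("bound_receipt", "").partition(":")
    if algo != "sha256":
        return False
    expected = hashlib.sha256(receipt_bytes).hexdigest()
    return hmac.compare_digest(digest, expected)

if __name__ == "__main__":
    now = datetime(2026, 1, 1, tzinfo=timezone.utc)
    print(check_action(COMMITMENT, "purchase", 1200, "USD", now))
    print(check_action(COMMITMENT, "transfer", 9000, "USD", now))
    print(receipt_matches(COMMITMENT, RECEIPT))
```
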

01 Scope-bounded commitments

Each commitment defines exactly what the agent is authorized to do and the limits that apply — not a broad grant, but a specific, attestable scope.

02 Receipt binding

A commitment binds to the ORS receipt that records the action taken under it, so authority and action are linked in a single verifiable chain.

03 State tracking

Verifiable state management around each commitment — cumulative spend, action counts, and remaining capacity. This is the hosted commercial layer, in development.

04 Dispute defensibility

A record an organization can present to a counterparty, a regulator, or third-party review when the authority behind an agent's action is questioned.

Private alpha · Not generally available

Mandate is in private alpha with limited testing. The commitment format, SDK, and receipt-binding extension exist; the hosted state-tracking layer is in development.

Close the chain on agent authority.

On scope. OpenTerms Mandate produces signed commitments and cryptographic bindings. It does not provide legal advice, determine authorization validity, or certify compliance. It binds delegated authority to recorded action against an identity issued by an external identity system.