Version-pinned ARIA backend integration for the Microsoft Agent Governance Toolkit
Project description
aria-agentkit
Version-pinned ARIA backend integration for the Microsoft Agent Governance Toolkit.
aria-agentkit is a first-class, contract-tested backend integration for the official AGT governance surfaces. It connects your AGT-governed agents to EmpowerID ARIA — the enterprise governance platform for AI agents — through rigorous adapters for policy evaluation, governance-grade audit export, and MCP remote configuration.
What This Package Does
| Integration | AGT Extension Point | ARIA Service |
|---|---|---|
ARIAToolInterceptor |
ToolCallInterceptor |
AuthZEN PDP |
ARIAPolicyProvider |
PolicyProviderInterface |
AuthZEN PDP |
ARIAAuditBackend |
AuditBackend |
Receipt Vault |
claude_desktop_config |
— | MCP Gateway |
mcp_session_params |
— | MCP Gateway |
What This Package Does NOT Do
- Reimplements AGT governance primitives
- Proxies LLM traffic (see
aria-shield-sdkfor that) - Provides budget management (deferred until transactional semantics are designed)
- Provides approval workflows (deferred until persisted workflow model is built)
Version Compatibility
aria-agentkit |
agent-os-kernel |
Python |
|---|---|---|
| 0.1.x | 3.0.0 – 3.0.x | >= 3.10 |
The compat module detects the installed AGT version at import time and raises RuntimeError on unsupported versions.
Installation
pip install aria-agentkit
Quick Start
Tool Call Interception via AuthZEN PDP
from agent_os.integrations.base import CompositeInterceptor
from aria_agentkit import ARIAToolInterceptor
interceptor = ARIAToolInterceptor(
pdp_url="https://pdp.example.com/access/v1/evaluation",
pdp_application="my-agent-platform",
token="my-bearer-token",
)
# Register with AGT's composite interceptor
composite = CompositeInterceptor()
composite.add(interceptor)
Governance-Grade Audit Export
from agent_os.audit_logger import GovernanceAuditLogger
from aria_agentkit import ARIAAuditBackend
audit = ARIAAuditBackend(
receipt_vault_url="https://receipts.example.com",
)
logger = GovernanceAuditLogger()
logger.add_backend(audit)
Policy Provider for Control Plane
from aria_agentkit import ARIAPolicyProvider
provider = ARIAPolicyProvider(
pdp_base_url="https://pdp.example.com",
pdp_application="my-agent-platform",
token="my-bearer-token",
)
policies = provider.get_policies(agent_id="agent-1")
MCP Gateway Configuration
from aria_agentkit.mcp.claude_desktop import claude_desktop_config
from aria_agentkit.mcp.sdk_session import mcp_session_params
# For Claude Desktop
config = claude_desktop_config(
server_name="aria-gateway",
gateway_url="https://mcp.example.com/v1/mcp",
token="my-bearer-token",
)
# For MCP Python SDK
params = mcp_session_params(
gateway_url="https://mcp.example.com/v1/mcp",
token="my-bearer-token",
)
Architecture
AGT Runtime aria-agentkit ARIA Services
┌─────────────────┐ ┌─────────────────────────┐ ┌──────────────────┐
│ PolicyEvaluator │────>│ ARIAPolicyProvider │───>│ AuthZEN PDP │
│ ToolCallInter- │────>│ ARIAToolInterceptor │───>│ │
│ ceptor chain │ │ │ │ │
│ GovernanceAudit- │────>│ ARIAAuditBackend │───>│ Receipt Vault │
│ Logger │ │ (outbox + hash chain) │ │ │
│ │ │ │ │ │
│ │ │ MCP config emitters │───>│ ARIA MCP Gateway │
└─────────────────┘ └─────────────────────────┘ └──────────────────┘
AuthZEN Request Mapping
The interceptor maps AGT ToolCallRequest fields into OpenID AuthZEN 1.0 evaluation requests:
| AuthZEN Field | Value |
|---|---|
action.name |
"tool.invoke" (constant) |
resource.type |
"mcp_tool" |
resource.id |
"mcp://{server_name}/{tool_name}" |
subject.type |
"agent" |
subject.id |
"auth:agent:agentmesh:{agent_id}" |
context.call_id |
From ToolCallRequest.call_id |
context.original_args_hash |
SHA-256 of canonical arguments |
context.pdp_application |
Constructor parameter |
PDP constraints in the response are mapped to ToolCallResult.modified_arguments for parameter clamping.
Audit Pipeline
The audit backend provides governance-grade export, not simple log shipping:
- Redaction — Sensitive keys (
password,secret,token,api_key,credential) are redacted before persistence - Hash Chaining — Each receipt includes a
prev_hashlinking to the prior entry, producing a tamper-evident chain - Idempotency — Each receipt gets a unique idempotency key for deduplication
- Retry with Backoff — Failed exports are retried with exponential backoff
- Dead Letter — Persistently failing batches are routed to a configurable dead-letter callback
Development
pip install -e ".[dev]"
pytest tests/ -v
ruff check src/ tests/
mypy src/
License
MIT — see LICENSE.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file aria_agentkit-0.1.0.tar.gz.
File metadata
- Download URL: aria_agentkit-0.1.0.tar.gz
- Upload date:
- Size: 20.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.10
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e2df4233499ae58a6ecd458191c5c9dd9dbe6d6ddb9e3f351167c43f46142fc7
|
|
| MD5 |
f9975c3218eb0ae45785fa73ee50bcb7
|
|
| BLAKE2b-256 |
d2466f089ce221a7770b4ccc5c133a57c0fd1fa022a3d8fca7bb170c9cb09392
|
File details
Details for the file aria_agentkit-0.1.0-py3-none-any.whl.
File metadata
- Download URL: aria_agentkit-0.1.0-py3-none-any.whl
- Upload date:
- Size: 17.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.10
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
bf4775e0ae9424c3e8e46ca5874e6725a3b8b82b46fe9aa75aed34a880a0c2b4
|
|
| MD5 |
0c8a0bf0ad355502e40604d0bbff9964
|
|
| BLAKE2b-256 |
59417f5535d5edbd081ec4846637a43760e76d80de7352d55da1abffa1bca939
|
