Skip to main content

Identity & authorisation infrastructure for AI agents — install once, discover every agent, authorise every action.

Project description

Xybern

Identity & authorisation infrastructure for AI agents. Install once — Xybern discovers every AI agent in your system, gives each a cryptographic identity, and (when you turn enforcement on) authorises every action before it executes.

pip install xybern
xybern login          # browser device-code flow (auto-links your workspace)
from xybern import auto
auto.connect()        # discovers frameworks + agents + tools, registers them, instruments them
✓ Detected frameworks: CrewAI, LangGraph, 2 MCP servers
✓ Found 12 agents · 48 tools
✓ Registered to workspace "Acme Corp" (each issued a cryptographic identity)
✓ Mode: OBSERVE — actions logged, nothing blocked yet

Where to add it

Add these two lines once, at your app's startup — before your agents run. That's the whole integration.

from xybern import auto
auto.connect()
# ... then your normal code: build agents, run the crew/graph, serve, etc.
Your setup Where to put it
Agent script (CrewAI / LangChain / OpenAI Agents / LlamaIndex) Top of your main file, before creating agents
FastAPI Right after app = FastAPI()
Celery In the Celery app module (runs in each worker)
MCP server Top of the server entry, before serving tools
Django An AppConfig.ready() or wsgi.py
Jupyter First cell

Multi-process (gunicorn / multiple Celery workers): run it in the module each worker imports, so every process is covered.

What it does

  • Auto-discovery — detects and instruments LangChain, CrewAI, OpenAI Agents SDK, MCP servers, LangGraph, AutoGen, Semantic Kernel, LlamaIndex (and FastAPI/Celery). No manual wiring; agents appear in your Xybern dashboard as your app creates them.
  • Cryptographic identity — every discovered agent is registered and issued an identity, so its actions are attributable and signable.
  • Authorisation before execution — each tool/agent action passes through Xybern's policy engine; allow / block / escalate.
  • Observe-first & fail-open — default mode only logs (never blocks). When you switch to enforce, the SDK fails open if Xybern is unreachable, so it can't take your agents down.
  • Privacy — sends content hashes by default, not raw payloads.

Modes

auto.connect()                 # OBSERVE (default): log + inventory, never blocks
auto.connect(mode="enforce")   # authorise actions (allow/block/escalate)

or persist it: xybern enforce on / xybern enforce off.

CLI

xybern login [--api-key xb_...]   # device-code flow, or paste a key / set XYBERN_API_KEY
xybern agents                     # dry-run: what would be discovered
xybern status
xybern enforce on|off
xybern logout

Auth options

  1. Device codexybern login opens a browser; approve + pick a workspace; a scoped key is minted and stored in ~/.xybern/credentials.json.
  2. API keyxybern login --api-key xb_..., or export XYBERN_API_KEY=xb_..., or auto.connect(api_key="xb_...").

Configuration

Option Default Meaning
mode observe observe (log only) or enforce (act on decisions)
fail_open True allow actions through if Xybern is unreachable (enforce mode)
redact True send content hashes instead of raw content
frameworks all restrict to specific frameworks

Docs: https://docs.xybern.com/authorization/sdk

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

xybern-2.0.1.tar.gz (15.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

xybern-2.0.1-py3-none-any.whl (16.8 kB view details)

Uploaded Python 3

File details

Details for the file xybern-2.0.1.tar.gz.

File metadata

  • Download URL: xybern-2.0.1.tar.gz
  • Upload date:
  • Size: 15.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for xybern-2.0.1.tar.gz
Algorithm Hash digest
SHA256 04bf956b6e53fff8bb32aa45d06d2e975919d98981a6d6e6d306845991194484
MD5 8deaebfa5c0eeefcded1ee2074b8044c
BLAKE2b-256 806615392c1d40ca5196557444cea8baadefef2c1b989ca0ba01ffe669b5ceec

See more details on using hashes here.

File details

Details for the file xybern-2.0.1-py3-none-any.whl.

File metadata

  • Download URL: xybern-2.0.1-py3-none-any.whl
  • Upload date:
  • Size: 16.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for xybern-2.0.1-py3-none-any.whl
Algorithm Hash digest
SHA256 f1b34d3bda7a087aaa5015e768d16f05a55d5363f72d92b835980e2811b0ad80
MD5 4f736c70543ca37f1a79793b5068b9a4
BLAKE2b-256 acddce70500a6588b6a48a9a4cb147f3b51a9acc4e57dad0f73fbd63d3b7c410

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page