Authorization Control Plane for AI Agents
Authorize Agents.
Stop Unsafe Actions.
Connect agent runtimes, authorize every privileged request, and monitor or contain unsafe behavior in real time.
Lemma.id is a proof-first authorization control plane for AI agents and SaaS runtimes. It binds identity to runtime context, enforces policy locally, and gives operators live decision logs and kill switches.
Proof-First Control Plane • Same action. Different trust state. Instant containment.
How Lemma.id Works
Connect a runtime, enforce policy on every privileged request, and monitor or stop activity from one control plane.
Connect Runtime
Run one command to register a runtime with Lemma.id and turn on proof-first defaults.
Enforce Per Request
The gateway checks proof, scope, audience, and runtime state before any privileged action runs.
Monitor + Contain
Track decisions live, investigate allow or deny results, and trigger kill switches to stop unsafe behavior immediately.
Proof-Native Authorization
Signed proofs and claim checks authorize sensitive actions, with compatibility paths only where policy allows them.
PPID-Bound Identity
Runtime controls and delegation are tied to pairwise identifiers (PPIDs), so identity stays site-specific instead of globally trackable.
Runtime Policy Defaults
Every connected runtime inherits a policy profile and risk defaults (`low`, `high`, `critical`) with server-side enforcement.
Kill Switch Controls
Revoke or kill runtime access instantly and deterministically in the request path.
Decision Explainability
See why a request was allowed or denied with decision logs, runtime context, and the policy snapshot used at the time.
Local-First + Hosted Control Plane
Keep low-latency local verification where possible while using a hosted control plane for governance, revocation, and runtime operations.
Deploy Runtime Authorization Without Building It Yourself
Ship per-request authorization, runtime monitoring, and kill-switch controls without standing up a separate authz stack.
Proof-first • Site-specific identity • Runtime controls