missionsPhase 10

Resource Access

After mission approval, the agent proactively requests a resource token via POST /authorize before accessing the resource. The AAuth-Mission header is included and aauth-mission is added to the signed HTTP Message Signature components (§588). The resource issues a four-party resource token with aud=AS, and the PS federates to the AS to exchange it for an auth token (iss=AS, dwk=aauth-access.json). The mission claim flows through the entire token chain — creating an end-to-end audit trail tied to the user-approved mission.

§ Proactive Resource Authorization

POST https://api.example/authorize200

Agent proactively requests a resource token BEFORE accessing the resource.

AAuth-Mission header carries the approved mission reference (approver + s256).

aauth-mission is included in the signed components per §588.

AAuth-Capabilities is included on resource requests per §1731 (SHOULD).

This is a four-party flow: resource issues token with aud=AS; agent must exchange via PS.

The aa-resource+jwt carries mission: {approver, s256} — first token in the chain.

1 / 5

speed

Step 1: POST /authorize + AAuth-Mission → resource token

Request / response

Token Lifecycle

Resource Tokenaa-resource+jwt

Auth Tokenaa-auth+jwt

Mission Context

Description (Markdown)

# Analyze Q2 Customer Feedback

Read customer feedback records and produce a summary report with sentiment analysis and key themes.

Structured Fields

approverhttps://ps.example

agentaauth:local@agent.example

approved_at2026-04-14T17:14:54Z

s256R9kNpXeErMQ1Jvk_vxYUp3YEdggmvUhksWtjXtcmnh0

Approved Tools

FeedbackReader

Read customer feedback records

ReportWriter

Write the summary report to the shared drive

PS Capabilities

interactionclarification

POSThttps://api.example/authorize

Content-Type?

application/json

AAuth-MissionAAuth?

approver="https://ps.example"; s256="R9kNpXeErMQ1Jvk_vxYUp3YEdggmvUhksWtjXtcmnh0…

AAuth-CapabilitiesAAuth?

interaction, clarification

Signature-KeyAAuth?

sig=jwt;jwt="eyJhbGciOiJFZERTQSIsImtpZCI6ImFnZW50LWtleS0xIiwidHlwIjoiYWEtYWdlbnQ…

Signature-InputAAuth?

sig=("@method" "@authority" "@path" "signature-key" "aauth-mission");created=170…

SignatureAAuth?

sig=:AQIDAQIDAQIDAQIDAQIDAQIDAQIDAQIDAQIDAQIDAQIDAQIDAQIDAQIDAQIDAQIDAQIDAQIDAQI…

Body

{
  "scope": "read"
}

HTTP Signaturescheme=jwt

Covered Components

@method

@authority

@path

signature-key

aauth-mission

Signature Base

"@method": POST

"@authority": api.example

"@path": /authorize

"signature-key": sig=jwt;jwt="eyJhbGciOiJFZERTQSIsImtpZCI6ImFnZW50LWtleS0xIiwidHlwIjoiYWEtYWdlbnQrand0In0…"

"aauth-mission": approver="https://ps.example"; s256="R9kNpXeErMQ1Jvk_vxYUp3YEdggmvUhksWtjXtcmnh0"

"@signature-params": sig=("@method" "@authority" "@path" "signature-key" "aauth-mission");created=1700000000;alg="ed25519"

Signature-Key Header

sig=jwt;jwt="eyJhbGciOiJFZERTQSIsImtpZCI6ImFnZW50LWtleS0xIiwidHlwIjoiYWEtYWdlbnQrand0In0…"

Signature-Input Header

sig=("@method" "@authority" "@path" "signature-key" "aauth-mission");created=1700000000;alg="ed25519"

Resource Tokenaa-resource+jwt

Header

{"alg":"EdDSA",
"kid":"resource-key-1",
"typ"?Token type identifier. aa-agent+jwt = Agent Token, aa-resource+jwt = Resource Token, aa-auth+jwt = Auth Token:"aa-resource+jwt"
}

Payload

{"iss"?Issuer — who created and signed this token:"https://api.example",
"aud"?Audience — which party should accept this token:"https://as.example",
"dwk"?Discovery Well-Known — the metadata document path for key discovery (e.g. aauth-agent.json):"aauth-resource.json",
"jti"?JWT ID — unique identifier for this token (prevents replay):"40d22ef7-f985-4641-93d6-0c9c2d4fbc1d",
"agent"?Agent identifier in aauth: URI format (e.g. aauth:local@domain):"aauth:local@agent.example",
"agent_jkt"?JWK Thumbprint of the agent's signing key — used for key binding:"5j5WMuITu8-cV1RdClUeNgnSg3aLJpCYiFvzcwDgYhI",
"scope"?Authorized scope/permissions granted by this token:"read",
"iat"?Issued At — Unix timestamp when the token was created:1776222894,
"exp"?Expiration — Unix timestamp after which the token is invalid:1776223494,
"mission"?Mission reference — approver URL and s256 hash of the mission blob:{"approver"?Person Server URL that approved this mission:"https://ps.example",
"s256"?SHA-256 hash of the mission blob — immutable mission fingerprint:"R9kNpXeErMQ1Jvk_vxYUp3YEdggmvUhksWtjXtcmnh0"
}
}

sig: ewckxdV7ZsyDJiiYgSWM5f5pDcV3ZfAt…

Agent Tokenaa-agent+jwt

Header

{"alg":"EdDSA",
"kid":"agent-key-1",
"typ"?Token type identifier. aa-agent+jwt = Agent Token, aa-resource+jwt = Resource Token, aa-auth+jwt = Auth Token:"aa-agent+jwt"
}

Payload

{"iss"?Issuer — who created and signed this token:"https://agent.example",
"sub"?Subject — who or what the token is about:"aauth:local@agent.example",
"dwk"?Discovery Well-Known — the metadata document path for key discovery (e.g. aauth-agent.json):"aauth-agent.json",
"jti"?JWT ID — unique identifier for this token (prevents replay):"a6ae301d-1dc7-4b75-8f8b-5612197664a7",
"cnf"?Confirmation — proof-of-possession claim binding this token to a key:{"jwk"?JSON Web Key — the public key bound to this token:
},
"iat"?Issued At — Unix timestamp when the token was created:1776222894,
"exp"?Expiration — Unix timestamp after which the token is invalid:1776226494,
"ps"?Person Server URL — the PS that represents this agent's user:"https://ps.example"
}

sig: 8byvGd-PR3uOLeS_HYOpbW7OD_8whUuD…