OrgKernel is open-source (Apache 2.0): inspect, audit, and contribute on GitHub.

OrgKernel

The open-source trust foundation of AURA. Cryptographic agent identity, instance-scoped permissions, and tamper-proof audit logging — transparent by design, not by promise.

REPOSITORY: metaprise / orgkernel (Apache 2.0)

CORE MODULES
AgentIdentity: Ed25519 Signed Credentials (CORE)
ExecutionToken: Instance-Scoped Permissions (AUTH)
AuditChain: SHA-256 Hash-Chained Log (AUDIT)
SSO / SAML + SCIM: Enterprise Identity Federation (SSO)

Apache 2.0 licensed · 5 core modules · Ed25519 agent identity · SHA-256 audit chain

Five pillars of agent trust.

OrgKernel provides the cryptographic identity, scoped permissions, tamper-proof audit logging, and enterprise identity federation that every agent in the Metaprise ecosystem depends on.

MODULE 01

AgentIdentity

Cryptographic Organizational Identity

Ed25519 cryptographically signed organizational identity credentials — revocable, time-limited, and bound to org units. Every agent action is traceable to a verifiable identity.

ED25519 · REVOCABLE · TIME-LIMITED · ORG-BOUND

MODULE 02

ExecutionToken

Instance-Scoped Permission Tokens

Per-execution permission tokens enforced at the Tool Gateway layer. Each agent execution receives exactly the permissions it needs — no more, no less. Scoped to a single instance.

INSTANCE-SCOPED · TOOL GATEWAY · LEAST PRIVILEGE

MODULE 03

AuditChain

Tamper-Proof Audit Logging

SHA-256 hash-chained tamper-proof audit log, written synchronously. Every agent action — tool calls, data access, state changes — is recorded in an immutable, verifiable chain.

SHA-256 · HASH-CHAINED · SYNCHRONOUS · IMMUTABLE

MODULE 04

SSO / SAML Integration

Enterprise Single Sign-On

Full enterprise SSO support with SAML 2.0. Integrate agent identity management with your existing identity provider — Okta, Azure AD, Ping Identity, OneLogin, and any SAML-compliant IdP.

SAML 2.0 · OKTA · AZURE AD · IDP AGNOSTIC

MODULE 05

SCIM User Sync

Cross-Domain Identity Management

Automatic user provisioning and deprovisioning via SCIM 2.0. When an employee joins, moves, or leaves your organization, agent permissions update automatically — no manual intervention.

SCIM 2.0 · AUTO-PROVISION · AUTO-DEPROVISION · LIFECYCLE

IDENTITY & AUTHENTICATION

AgentIdentity & DualToken Auth

Every agent receives a cryptographic identity at registration — an Ed25519 key pair bound to its organizational unit. At execution time, OrgKernel issues a DualToken: the AgentIdentity credential plus an instance-scoped ExecutionToken. Both must validate before any tool call reaches the gateway.

IDENTITY ISSUANCE
Ed25519 Key Pair: Elliptic-curve signing — fast, compact, quantum-resistant upgrade path
Org-Unit Binding: Identity is scoped to a specific business unit, department, or team
Time-Limited: Credentials expire on a configurable schedule — no permanent tokens
Revocation: Instant revocation propagates across the entire execution graph
DUALTOKEN VALIDATION
AgentIdentity Token: Proves the agent's organizational membership and signing authority
ExecutionToken: Grants instance-scoped permissions for a single mission execution
Tool Gateway Enforcement: Both tokens validated at the gateway before any tool call proceeds
Least Privilege: ExecutionToken carries only the permissions the mission requires
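The DualToken flow above, as an added stand-alone illustration that is not OrgKernel's code: the page's quick start is Python, but this example is written in Go so it runs with nothing beyond the standard library's crypto/ed25519. The type and function names (IdentityClaims, ExecutionClaims, Gateway, Authorize, Scenario) and the agent, org unit, tool names and lifetimes are this example's own assumptions. The gateway verifies the issuer's signature on the identity, checks expiry and revocation, then requires the execution token to be signed by the very key the identity binds, and finally refuses any tool outside the token's list.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Constructed illustration of the DualToken check described above; the names
// (IdentityClaims, ExecutionClaims, Gateway, Authorize) are not the OrgKernel API.
// IdentityClaims: AgentIdentity payload, issuer-signed, org-unit bound, carrying
// the agent's own public key and an expiry so no credential is permanent.
type IdentityClaims struct {
	AgentID   string `json:"agent_id"`
	OrgUnit   string `json:"org_unit"`
	PublicKey []byte `json:"public_key"`
	NotAfter  int64  `json:"not_after"` // unix seconds
}

// ExecutionClaims: ExecutionToken payload, signed by the agent's key and
// scoped to one execution with an explicit tool list.
type ExecutionClaims struct {
	AgentID  string   `json:"agent_id"`
	Tools    []string `json:"tools"`
	NotAfter int64    `json:"not_after"`
}

type Signed struct{ Payload, Sig []byte } // serialised claims + Ed25519 signature

func sign(priv ed25519.PrivateKey, claims any) Signed {
	payload, _ := json.Marshal(claims) // plain structs: Marshal cannot fail here
	return Signed{payload, ed25519.Sign(priv, payload)}
}

// Gateway: what the Tool Gateway needs to validate offline (issuer key, revocation set, clock).
type Gateway struct {
	IssuerPub ed25519.PublicKey
	Revoked   map[string]bool
	Now       func() time.Time
}

// Authorize checks the identity (issuer signature, expiry, revocation), then the execution
// token (signed by the key bound in that identity, same agent, unexpired), then tool scope.
func (g *Gateway) Authorize(identity, exec Signed, tool string) (ExecutionClaims, error) {
	now, id := g.Now().Unix(), IdentityClaims{}
	if !ed25519.Verify(g.IssuerPub, identity.Payload, identity.Sig) {
		return ExecutionClaims{}, errors.New("identity: bad issuer signature")
	}
	if err := json.Unmarshal(identity.Payload, &id); err != nil {
		return ExecutionClaims{}, err
	}
	switch {
	case now >= id.NotAfter:
		return ExecutionClaims{}, errors.New("identity: expired")
	case g.Revoked[id.AgentID]:
		return ExecutionClaims{}, errors.New("identity: revoked")
	case len(id.PublicKey) != ed25519.PublicKeySize:
		return ExecutionClaims{}, errors.New("identity: malformed agent key")
	}
	var ex ExecutionClaims
	if !ed25519.Verify(ed25519.PublicKey(id.PublicKey), exec.Payload, exec.Sig) {
		return ExecutionClaims{}, errors.New("execution: not signed by the bound agent key")
	}
	if err := json.Unmarshal(exec.Payload, &ex); err != nil {
		return ExecutionClaims{}, err
	}
	if ex.AgentID != id.AgentID || now >= ex.NotAfter {
		return ExecutionClaims{}, errors.New("execution: agent mismatch or expired")
	}
	for _, t := range ex.Tools {
		if t == tool {
			return ex, nil // least privilege: only a listed tool passes
		}
	}
	return ExecutionClaims{}, fmt.Errorf("execution: tool %q not in scope", tool)
}

// Outcome holds the gateway decision per constructed case (nil = permitted).
type Outcome struct{ InScope, OutOfScope, WrongKey, Revoked error }

// Scenario issues a DualToken for a constructed "compliance-agent" and runs four tool calls.
func Scenario() Outcome {
	issuerPub, issuerPriv, _ := ed25519.GenerateKey(nil) // nil reader = crypto/rand
	agentPub, agentPriv, _ := ed25519.GenerateKey(nil)
	_, roguePriv, _ := ed25519.GenerateKey(nil) // a key the identity does not bind
	now := time.Now()
	gw := &Gateway{IssuerPub: issuerPub, Revoked: map[string]bool{}, Now: func() time.Time { return now }}
	identity := sign(issuerPriv, IdentityClaims{AgentID: "compliance-agent", OrgUnit: "legal/compliance", PublicKey: agentPub, NotAfter: now.Add(24 * time.Hour).Unix()})
	claims := ExecutionClaims{AgentID: "compliance-agent", Tools: []string{"doc_reader", "email_sender"}, NotAfter: now.Add(10 * time.Minute).Unix()}
	exec, wrongKey := sign(agentPriv, claims), sign(roguePriv, claims)
	var o Outcome
	_, o.InScope = gw.Authorize(identity, exec, "doc_reader")
	_, o.OutOfScope = gw.Authorize(identity, exec, "payment_api")
	_, o.WrongKey = gw.Authorize(identity, wrongKey, "doc_reader")
	gw.Revoked["compliance-agent"] = true // takes effect on the very next check
	_, o.Revoked = gw.Authorize(identity, exec, "doc_reader")
	return o
}

func main() { fmt.Printf("%+v\n", Scenario()) }
```

Only the first call is permitted; the other three are denied for scope, signing key and revocation respectively. Two design points worth noting: the gateway needs only the issuer's public key and a revocation set, so validation works offline and the agent's private key never leaves the agent; and the public-key length is checked before calling ed25519.Verify, which otherwise panics on a malformed key rather than returning false.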
TAMPER-PROOF LOGGING

AuditChain

Every agent action — tool calls, data access, state changes, permission checks — is recorded as an entry in the AuditChain. Each entry contains a SHA-256 hash of the previous entry, forming an immutable, verifiable chain. Written synchronously: the action does not proceed until the audit entry is committed.

CHAIN STRUCTURE
Hash-Chained Entries: Each entry contains prev_hash, action, timestamp, agent_id, and payload hash
SHA-256 Integrity: Modifying any historical entry breaks the chain — instantly detectable
Synchronous Writes: Execution blocks until the audit entry is persisted — no fire-and-forget
Immutable Append-Only: Entries can never be modified or deleted after commit
COMPLIANCE & VERIFICATION
Full Replay: Reconstruct any agent's entire action history from the chain
Selective Audit: Query the chain by agent, mission, time range, or action type
External Verification: Third-party auditors can independently verify chain integrity
Regulatory Evidence: Meets evidentiary requirements for financial, healthcare, and legal compliance
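The chain structure above, as an added illustration in Go that is not OrgKernel's on-disk format or code: the entry layout (prev_hash, action, timestamp, agent_id, payload hash), the canonical field order hashed, the genesis value, the names (Entry, Chain, Append, Verify, Scenario) and the three sample actions are all this example's own assumptions. Append blocks on the persist callback before the entry counts, and Verify walks the chain from genesis and reports the first entry that fails.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
	"time"
)

// Constructed illustration of the hash-chained log described above; the layout and
// names (Entry, Chain, Append, Verify) are this example's own, not OrgKernel's format.

// Entry carries the fields named in the text; Hash is SHA-256 over the others.
type Entry struct {
	Index       int
	PrevHash    string // Hash of the previous entry (genesis for the first)
	Action      string
	Timestamp   int64  // unix seconds
	AgentID     string
	PayloadHash string // SHA-256 of the raw payload keeps bulky data out of the chain
	Hash        string
}

var genesis = strings.Repeat("0", 64) // anchor for entry 0

func sha256Hex(b []byte) string {
	sum := sha256.Sum256(b)
	return hex.EncodeToString(sum[:])
}

// digest hashes the fields in a fixed order so independent verifiers agree.
func digest(e Entry) string {
	return sha256Hex([]byte(fmt.Sprintf("%d|%s|%s|%d|%s|%s",
		e.Index, e.PrevHash, e.Action, e.Timestamp, e.AgentID, e.PayloadHash)))
}

// Chain appends synchronously: Persist must succeed before an entry counts.
type Chain struct {
	Entries []Entry
	Persist func(Entry) error
	Now     func() time.Time
}

func (c *Chain) Append(agentID, action string, payload []byte) (Entry, error) {
	prev := genesis
	if n := len(c.Entries); n > 0 {
		prev = c.Entries[n-1].Hash
	}
	e := Entry{Index: len(c.Entries), PrevHash: prev, Action: action,
		Timestamp: c.Now().Unix(), AgentID: agentID, PayloadHash: sha256Hex(payload)}
	e.Hash = digest(e)
	if err := c.Persist(e); err != nil { // blocks here; caller must not proceed on error
		return Entry{}, err
	}
	c.Entries = append(c.Entries, e)
	return e, nil
}

// Verify recomputes every hash and link; it returns the index of the first entry
// that fails, or -1 when the whole chain is intact.
func Verify(entries []Entry) (int, error) {
	prev := genesis
	for i, e := range entries {
		switch {
		case e.Index != i:
			return i, errors.New("index gap")
		case e.PrevHash != prev:
			return i, errors.New("prev_hash does not link to the previous entry")
		case digest(e) != e.Hash:
			return i, errors.New("entry hash does not match its contents")
		}
		prev = e.Hash
	}
	return -1, nil
}

// Scenario writes three constructed entries, then shows that editing entry 1 is
// caught whether or not the editor also recomputes that entry's own hash.
func Scenario() (intact, editedOnly, editedAndRehashed int, err error) {
	t0 := time.Unix(1_700_000_000, 0)
	c := &Chain{Persist: func(Entry) error { return nil }, Now: func() time.Time { return t0 }}
	for _, a := range []string{"tool_call:doc_reader", "data_access:contract.pdf", "tool_call:email_sender"} {
		if _, err = c.Append("compliance-agent", a, []byte(a)); err != nil {
			return
		}
	}
	intact, _ = Verify(c.Entries)
	edited := append([]Entry(nil), c.Entries...) // work on a copy of the stored history
	edited[1].Action = "data_access:nothing"
	editedOnly, _ = Verify(edited) // entry 1's hash no longer matches its contents
	edited[1].Hash = digest(edited[1])
	editedAndRehashed, _ = Verify(edited) // now entry 2's prev_hash no longer links
	return
}

func main() { fmt.Println(Scenario()) }
```

Scenario returns -1, 1, 2: the untouched chain verifies, an edit to entry 1 is reported at index 1, and re-hashing the edited entry only moves the break to index 2. One caveat a verifier should keep in mind: a hash chain proves that nothing inside it was altered, but it cannot by itself prove that entries were not removed from the tail. External verification therefore needs the latest hash anchored somewhere the writer cannot change, such as a periodically published or signed checkpoint, so that truncation is as detectable as modification.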
IDENTITY FEDERATION

Enterprise SSO & SCIM Sync

Connect OrgKernel to your existing identity infrastructure. SAML 2.0 SSO means your teams authenticate once; SCIM 2.0 means user provisioning, role changes, and offboarding propagate to agent permissions automatically — zero manual overhead.

SSO / SAML 2.0
Any SAML IdP: Okta, Azure AD, Ping Identity, OneLogin, Google Workspace, custom IdP
Single Sign-On: One authentication grants access to all agent platforms and tools
MFA Enforcement: Leverage your IdP's multi-factor policies — OrgKernel inherits them
Session Management: Configurable session lifetimes, forced re-authentication for sensitive operations
SCIM 2.0 PROVISIONING
Auto-Provision: New employees receive agent access and permissions on day one
Role Mapping: IdP groups map to OrgKernel authority levels (L1–L4)
Auto-Deprovision: Offboarded users lose all agent access instantly — no orphaned permissions
Cross-Domain: Manage identity across multiple business units and subsidiaries from one source
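The SCIM-driven lifecycle above (auto-provision, role mapping to authority levels L1 to L4, auto-deprovision), as an added Go illustration that is not OrgKernel's code: the group names in the mapping table, the Decision type, the Sync function and the three SCIM User payloads are constructed for this example. The rules it encodes are deny by default for a user with no mapped group, the highest mapped level wins when a user is in several groups, and an inactive user is treated as a revoke rather than an error.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Constructed illustration of SCIM-driven sync: IdP groups map to authority levels,
// unmapped users get nothing, and active=false revokes. Group names, payloads and the
// Decision type are this example's own, not OrgKernel's.

// scimUser is the subset of a SCIM 2.0 User resource this example reads.
type scimUser struct {
	UserName string `json:"userName"`
	Active   bool   `json:"active"`
	Groups   []struct {
		Display string `json:"display"`
	} `json:"groups"`
}

// Decision is what the sync hands to the permission layer.
type Decision struct {
	User      string
	Provision bool // false means revoke every agent permission for this user
	Level     int  // authority level L1..L4; 0 when not provisioned
}

// groupLevels is a constructed example mapping from IdP group names to levels.
var groupLevels = map[string]int{
	"agents-readonly":  1,
	"agents-operators": 2,
	"agents-approvers": 3,
	"agents-admins":    4,
}

// Sync turns one SCIM User resource into a provisioning decision. A user with
// active=false, or with no mapped group, gets no access; otherwise the highest
// mapped level wins.
func Sync(scimJSON []byte) (Decision, error) {
	var u scimUser
	if err := json.Unmarshal(scimJSON, &u); err != nil {
		return Decision{}, err
	}
	if u.UserName == "" {
		return Decision{}, fmt.Errorf("scim user without userName")
	}
	d := Decision{User: u.UserName}
	if !u.Active {
		return d, nil // offboarded or suspended: revoke, do not error
	}
	for _, g := range u.Groups {
		if lvl, ok := groupLevels[g.Display]; ok && lvl > d.Level {
			d.Level = lvl
		}
	}
	d.Provision = d.Level > 0
	return d, nil
}

// Constructed SCIM payloads: a new hire in two groups, a contractor in an
// unmapped group, and the same hire after offboarding.
var (
	newHire    = []byte(`{"userName":"ana@acme.example","active":true,"groups":[{"display":"agents-operators"},{"display":"agents-readonly"}]}`)
	contractor = []byte(`{"userName":"bo@acme.example","active":true,"groups":[{"display":"guests"}]}`)
	offboarded = []byte(`{"userName":"ana@acme.example","active":false,"groups":[{"display":"agents-operators"}]}`)
)

func main() {
	for _, p := range [][]byte{newHire, contractor, offboarded} {
		d, err := Sync(p)
		fmt.Printf("%+v %v\n", d, err)
	}
}
```

The new hire is provisioned at L2 (the higher of the two groups), the contractor is not provisioned at all because no group maps, and the offboarded record revokes even though the group membership is still present in the payload. Treating a missing userName as an error rather than silently skipping it matters for deprovisioning: a malformed deactivation must surface, not be dropped.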

From identity to execution — every step verified.

The complete OrgKernel authentication pipeline. No step can be skipped; each produces an audit entry before the next begins.

STEP 01 · SSO Login: SAML assertion from enterprise IdP
STEP 02 · Identity Verify: Ed25519 signature validation
STEP 03 · Token Issue: DualToken issued for this execution
STEP 04 · Policy Check: Control Plane PERMIT / DENY
STEP 05 · Tool Gateway: Validated request hits tool layer
STEP 06 · Audit Write: SHA-256 entry appended to chain
QUICK START

    # Install OrgKernel
    pip install orgkernel

    # Initialize identity
    from orgkernel import OrgKernel, AgentIdentity

    kernel = OrgKernel.init(
        org_id="acme-corp",
        sso_provider="okta"
    )

    # Register an agent identity
    identity = kernel.create_identity(
        name="compliance-agent",
        org_unit="legal/compliance",
        ttl="24h"
    )

    # Issue execution token
    token = kernel.issue_token(
        identity=identity,
        tools=["doc_reader", "email_sender"],
        authority_level=2
    )

    # Verify audit chain integrity
    valid = kernel.audit_chain.verify()  # → True (all hashes valid)
OPEN SOURCE COMMUNITY

Transparent by design.

Star on GitHub

Show your support and stay updated with new releases, security patches, and feature additions to OrgKernel.


Read Documentation

Comprehensive guides for integration, API reference, deployment patterns, and security best practices.


Join Community

Report issues, submit pull requests, discuss architecture decisions, and help shape the future of agent trust infrastructure.


OrgKernel is Apache 2.0 licensed: The trust foundation you depend on is fully open-source. Inspect every line, audit the cryptography, fork for your own infrastructure, and contribute improvements back to the community. No vendor lock-in, no black boxes.

Agent trust you can verify — not just believe.

Open-source identity, permissions, and audit — the cryptographic foundation of every Metaprise agent.