OpenA2A/AIM Docs

Quick Start

Get up and running with AIM in under 5 minutes. This guide will walk you through setting up your first AI agent and verifying its identity.

📦 Step 0: Download & Install AIM

Before you can use AIM, you need to download and install the AIM server on your infrastructure.

Download from GitHub:

Download AIM from GitHub

Follow the Installation Guide to deploy AIM on your infrastructure using Docker Compose or Kubernetes.

Prerequisites: AIM server installed and running, Node.js 18+ or Python 3.8+ installed on your system.

Step 1: Download Your Personalized SDK

Zero Configuration: We don't distribute via pip/npm. Instead, download your personalized SDK from the dashboard - it comes pre-configured with your credentials!

Download Process
  1. 1. Deploy AIM and login to your dashboard at http://localhost:3000
  2. 2. Navigate to Settings → SDK Download
  3. 3. Click "Download Python SDK"
  4. 4. Extract the downloaded SDK package
  5. 5. Start using immediately - no configuration needed!

Step 2: No API Keys Needed!

SDK Users: Your downloaded SDK already has credentials embedded - skip to Step 3!

Only for Direct API Integration (if you're not using the SDK):

  1. Go to your AIM dashboard at http://localhost:3000
  2. Navigate to Settings → API Keys
  3. Click Generate New Key
  4. Copy your API key for direct API calls

Step 3: Use Your SDK

✅ Auto-Verified: Agents created via the SDK are automatically verified and ready to work immediately! No manual approval needed.

Python SDK (Pre-Configured)
# Navigate to your extracted SDK folder
# No installation needed - just import and use!

from aim_sdk import secure

# One line - your agent is registered AND verified!
agent = secure("my-agent")

# That's it! No API keys, no URLs, no configuration!
# The SDK already knows your credentials
# Agent is verified and ready to work immediately!
Direct API Usage (Without SDK)

Note: Replace http://localhost:8080 with your AIM server URL if deployed elsewhere.

import requests

# Only needed if you're NOT using the SDK
headers = {
    "Authorization": f"Bearer {api_key}",
    "X-Organization-ID": organization_id
}

# Agent types: claude, gpt, gemini, langchain, crewai, autogen, etc.
response = requests.post(
    "http://localhost:8080/v1/agents/register",
    headers=headers,
    json={"name": "my-agent", "agentType": "langchain"}
)

Step 4: Secure Your Actions

Python - Automatic Action Verification
# Your agent was already registered in Step 3!
# Now just use decorators for automatic verification

@agent.perform_action("db:read", resource="users_table")  # namespace:action format
def get_user_data(user_id):
    """This action is automatically verified by AIM"""
    return database.query(f"SELECT * FROM users WHERE id = {user_id}")

@agent.perform_action("notification:send", resource="admin@example.com")  # namespace:action format
def send_notification(message):
    """High-risk actions require higher trust scores"""
    send_email("admin@example.com", message)

# Call your functions normally - AIM handles verification
data = get_user_data(12345)
send_notification("System update complete")

Step 5: Verify Agent Identity

JavaScript/TypeScript
// Create a signature
import { signPayload } from '@opena2a/aim-sdk';

const payload = {
  action: 'generate_text',
  timestamp: Date.now(),
  nonce: crypto.randomBytes(16).toString('hex')
};

const signature = await signPayload(payload, privateKey);

// Verify the agent
const verification = await client.agents.verify(
  agent.id,
  signature,
  payload
);

if (verification.valid) {
  console.log('✅ Agent identity verified');
  console.log('Trust score:', verification.trustScore);
} else {
  console.log('❌ Verification failed');
}

Step 6: Request Additional Capabilities

Capability Requests: Need more capabilities? Request them via SDK — admins approve in the dashboard. This is where the security checkpoint happens, not at initial agent creation.

Request New Capabilities (Python SDK)
# Your agent needs database write access for a new feature
agent.request_capability(
    capability_type="db:write",
    reason="Need database write access for the new reporting feature"
)
# → Creates pending request for admin approval

# Admin reviews in Dashboard → Admin → Capability Requests
# Admin clicks Approve or Reject
# If approved, capability is immediately granted!

🛡️ CBAC (Capability-Based Access Control): Even if someone tries to trick your agent via prompt injection, AIM will block actions that aren't in the agent's declared capabilities. This is industry-first security for AI agents!Learn more →

Next Steps

Agent Identity

Learn more about agent registration, verification, and management.

MCP Servers

Register and verify MCP servers for enhanced capabilities.

API Reference

Explore the complete REST API documentation with examples.

Security Model

Understand AIM's comprehensive security architecture.

🛡️ CBAC

Learn about Capability-Based Access Control — how AIM blocks prompt injection attacks.

Capability Requests

Request additional capabilities for your agents with admin approval workflow.