MCP guide

Agent-facing Trust Authority tools

The MCP surface lets autonomous agents verify peers, inspect credentials, audit interactions, and attest managed sessions. MCP, A2A, AP2, ACP, TAP, and x402 work with the agent protocols you already use.

Tool 7 of 7

attest_managed_session

Runtime attestation records evidence that a managed-agent session meets declared trust constraints at the moment of attestation. Raw session tokens are hashed for audit correlation and are not persisted as raw values.

attest-managed-session
{
  "jsonrpc": "2.0",
  "id": "attest-001",
  "method": "tools/call",
  "params": {
    "name": "attest_managed_session",
    "arguments": {
      "session_token": "runtime-session-token",
      "agent_did": "did:web:example.com:agent:procurement",
      "declared_constraints": {
        "model_identity": "claude-managed-agent",
        "capability_policy": "procurement-readonly",
        "data_boundary": "eu-region"
      },
      "ttl_seconds": 300
    }
  }
}

Expected response shape

attestation-response.json
{
  "attestation_state": "attested",
  "agent_did": "did:web:example.com:agent:procurement",
  "session_token_hash": "sha256:5f70bf18...",
  "runtime": {
    "runtime_id": "anthropic-managed-agents",
    "runtime_version": "2026-04"
  },
  "attestation_artifact_hash": "sha256:a8d5c08b...",
  "attestation_artifact_url": "https://api.trustauthority.ai/v1/attestations/a8d5c08b",
  "verified_at": "2026-05-12T10:30:00Z",
  "ttl_seconds": 300,
  "expires_at": "2026-05-12T10:35:00Z"
}