Quickstart
Register your first agent and receive a DID in under 10 minutes.
npm install @cleerd/sdk
import { Cleerd } from '@cleerd/sdk'
const client = new Cleerd({ apiKey: 'your-api-key' })
const agent = await client.registerAgent({
name: 'my-agent',
capabilities: ['read', 'write'],
})
console.log(agent.did) // did:cleerd:abc123...Installation
Install the Cleerd SDK for your preferred language and runtime.
# Node.js / TypeScript npm install @cleerd/sdk # Python pip install cleerd # Go go get github.com/cleerd/cleerd-go
DID Architecture
Cleerd uses W3C Decentralised Identifiers to give every AI agent a globally unique, cryptographically verifiable identity anchored to its deployer.
Each DID document contains the agent's public key, deployer reference, and capability attestations. Resolution is handled via the Cleerd resolver network.
Credential Types
Verifiable Credentials issued by Cleerd follow the W3C VC Data Model and include identity, capability, and constitutional compliance attestations.
Supported types: AgentIdentityCredential, CapabilityCredential, ConstitutionalComplianceCredential, and DeployerAttestationCredential.
Constitutional Hashing
A SHA-256 hash of the agent's system prompt and behavioural constraints is embedded in its credential, enabling receivers to verify the agent operates within declared boundaries.
const hash = await cleerd.hashConstitution({
systemPrompt: agent.systemPrompt,
constraints: agent.constraints,
})
// => "sha256:a1b2c3d4e5f6..."Authentication
All API requests require a Bearer token in the Authorization header.
Authorization: Bearer <your-api-key> # Example curl -H "Authorization: Bearer sk_live_..." \ https://api.cleerd.com/v1/agents
Verify Agent
Verify an agent's identity and credentials in real time.
POST /v1/agents/verify
Accepts a DID or credential presentation and returns a verification result with trust score, credential status, and deployer information.
Register Agent
Register a new agent and receive a DID and initial credentials.
POST /v1/agents/register
Requires deployer authentication. Returns the agent DID, public key, and a set of verifiable credentials.
Error Codes
Standard error responses returned by the Cleerd API.
401 — Invalid or missing API key
403 — Insufficient permissions
404 — Agent or credential not found
422 — Validation error
429 — Rate limit exceeded
JavaScript SDK
Official TypeScript/JavaScript SDK for Node.js and edge runtimes.
npm install @cleerd/sdk
import { Cleerd } from '@cleerd/sdk'
const client = new Cleerd({ apiKey: process.env.CLEERD_API_KEY })Python SDK
Python SDK with async support for FastAPI, Django, and standalone scripts.
pip install cleerd from cleerd import Cleerd client = Cleerd(api_key=os.environ["CLEERD_API_KEY"])
Go SDK
Go module for high-performance server-side agent verification.
go get github.com/cleerd/cleerd-go
import "github.com/cleerd/cleerd-go"
client := cleerd.New(os.Getenv("CLEERD_API_KEY"))Express Middleware
Drop-in middleware that verifies agent credentials on every incoming request to your Express API.
import { cleerd } from '@cleerd/sdk/express'
app.use(cleerd.verify({
required: true,
allowedCapabilities: ['read'],
}))AWS Lambda
Lightweight wrapper for verifying agent identity in serverless Lambda functions.
import { withCleerd } from '@cleerd/sdk/lambda'
export const handler = withCleerd(async (event, context) => {
const agent = context.cleerd.agent
return { statusCode: 200, body: agent.did }
})Kubernetes Sidecar
Deploy Cleerd as a sidecar container for transparent agent verification at the network level.
# Add to your pod spec
containers:
- name: cleerd-sidecar
image: cleerd/sidecar:latest
ports:
- containerPort: 9090
env:
- name: CLEERD_API_KEY
valueFrom:
secretKeyRef:
name: cleerd-secrets
key: api-keyChangelog
Recent updates and releases.
v0.4.0 — 2025-06-01
- Added Go SDK with full API parity
- Constitutional hashing now supports multi-prompt agents
- New error code documentation
v0.3.0 — 2025-05-15
- Python SDK async support
- Kubernetes sidecar guide
- Rate limiting improvements