The problem ANIP solves
Today's APIs were designed for human developers who read docs and write deterministic code. When agents use them directly, they learn by failing.
Agent wants to book a flight
→ Guesses POST /bookings is the right endpoint
→ Discovers auth requirements by getting a 401
→ Discovers missing scope by getting a 403
→ Books the flight
→ Discovers cost was $800 not $420 (undeclared fees)
→ Cannot undo — no rollback info was available
→ No audit trail accessible to the agent
Agent queries manifest
→ Sees book_flight: irreversible, financial
→ Sees cost: ~$420 ±10%, currency: USD
→ Checks delegation chain has travel.book scope
→ Checks budget authority: $500 limit
→ Confirms rollback_window: none (permanent)
→ Decides to proceed with full context
→ Invocation result includes audit trail + lineage
How it works
An ANIP service exposes a standard set of endpoints. Agents discover what's available, check permissions, then invoke with full context.
Discover
Agent fetches the discovery document and manifest to learn what capabilities exist, their side effects, costs, and required scopes.
curl https://service.example/.well-known/anip
Evaluate
Agent checks permissions before acting. The service tells the agent what's available, restricted, or denied — not after a failed call, but on request.
{
"available": [{ "capability": "search_flights", "scope_match": "travel.search" }],
"restricted": [{ "capability": "book_flight", "reason": "missing scope", "grantable_by": "human" }],
"denied": []
}
Invoke
Agent invokes with a scoped delegation token. The response includes structured success or failure with recovery guidance, cost, and lineage identifiers.
{
"success": true,
"invocation_id": "inv_7f3a2b",
"result": { "flights": [{ "number": "AA100", "price": 420 }] },
"cost_actual": { "currency": "USD", "amount": 0 }
}
Verify
Every invocation is audit-logged with signed checkpoints. Agents, operators, and compliance tools can verify what happened, when, and under what authority.
curl -X POST https://service.example/anip/audit \
-H "Authorization: Bearer <token>" \
-d '{"capability": "search_flights", "limit": 5}'
Build an ANIP service in minutes
You write business logic. The runtime handles discovery, JWT tokens, signed manifests, delegation validation, audit logging, and Merkle checkpoints.
from fastapi import FastAPI
from anip_service import ANIPService, Capability
from anip_fastapi import mount_anip
service = ANIPService(
service_id="my-service",
capabilities=[
Capability(
name="search_flights",
description="Search available flights",
side_effect="read",
scope=["travel.search"],
handler=lambda ctx, params: {"flights": [{"number": "AA100", "price": 420}]},
),
],
authenticate=lambda bearer: {"demo-key": "human:[email protected]"}.get(bearer),
)
app = FastAPI()
mount_anip(app, service)
# 9 endpoints, signed manifest, delegation, audit — all handled
This gives you 9 protocol endpoints, a signed manifest, delegation-based auth, structured failures, and a verifiable audit log — from 20 lines of code.
Available in Python, TypeScript, Java, Go, and C#.
Follow the quickstartWhat ships today
ANIP is not a spec waiting for implementations. It ships working runtimes, tools, and examples across five languages.
5 runtimes
TypeScript, Python, Java, Go, and C#. Each runtime handles the full protocol — discovery, delegation, audit, checkpoints — so you only write capabilities.
3 transports
HTTP (all runtimes), stdio via JSON-RPC 2.0 (all runtimes), and gRPC via shared proto (Python + Go). Same capabilities, multiple wire formats.
Interface adapters
Mount REST (auto-generated OpenAPI + Swagger), GraphQL (auto-generated SDL), and MCP (Streamable HTTP) alongside native ANIP on the same service.
ANIP Studio
Inspection and invocation UI. Connect to any ANIP service, browse capabilities, check permissions, invoke with structured failure display. Embedded or standalone Docker.
Testing tools
Conformance suite validates protocol compliance. Contract testing verifies declared side effects match observed behavior. Both run against any runtime.
Showcase apps
Travel booking, financial operations, and DevOps infrastructure — three full ANIP services demonstrating real-world patterns with all interfaces mounted.
How ANIP compares
ANIP is not a replacement for HTTP, gRPC, or MCP. It adds the execution context layer that those protocols don't provide.
| Capability | REST / OpenAPI | MCP | ANIP |
|---|---|---|---|
| Tool / endpoint discovery | OpenAPI spec | Yes | Yes |
| Side-effect declaration | No | No | read / write / transactional / irreversible |
| Permission discovery before invoke | No | No | available / restricted / denied |
| Scoped delegation (not just auth) | No | No | JWT delegation chains with scope + budget |
| Cost declaration + actual cost | No | No | Declared range + actual returned |
| Structured failure + recovery | HTTP status codes | Error codes | Type, detail, resolution, grantable_by, retry |
| Audit logging | App-specific | No | Protocol-level with retention + classification |
| Signed manifests + checkpoints | No | No | JWKS + Merkle checkpoints |