IDENTITY DELEGATION CHAIN
-
Enterprise IAM (Okta / Entra ID)
Verified Human
delegates to
-
Human Identity Token
HIT
authorizes
-
Agent Identity Token
AIT
spawns
-
Ephemeral Execution Context
TTL: 47ms
anchors to
-
Cryptographic Ledger
Immutable Proof
150K+
EPHEMERAL IDS / DAY
<1ms
TOKEN ISSUANCE LATENCY
100%
ACTION ATTRIBUTABILITY
15d
POC TO PRODUCTION
WHAT IS NXTID ———
The identity fabric your
agents were missing.
Enterprise AI has reached an inflection point. Autonomous agents now execute high-stakes tasks — modifying infrastructure, querying sensitive data, invoking financial transactions — entirely without human oversight at the moment of action.
Traditional IAM was designed for humans logging into systems. It has no concept of delegation chains, ephemeral runtime identities, or cryptographic proof of agentic authority. nxtID fills that gap.
By issuing scoped, time-bound tokens to every agent and every ephemeral execution context — and anchoring each action to the originating human identity — nxtID delivers the accountability that regulated enterprises require.
🔗
Cryptographic Identity Linkage
Every agent action is mathematically tied to a verified human principal via an unbreakable delegation chain — no gaps, no assumptions.
⏱️
Ephemeral Identity Tracking
Captures and governs the ~150,000 short-lived runtime identities generated daily that traditional IAM cannot see.
🛡️
Least-Privilege Execution
Agents are scoped to the minimum authority required for each specific task. Permissions expire automatically at completion.
📋
Deterministic Audit Replay
Every decision, every tool call, every output is replayable from the immutable ledger — providing forensic-grade accountability.
LIVE PRODUCT ———
Real visibility into your
identity landscape.
The nxtID dashboard gives security and compliance teams a real-time view of every identity operating across their agentic AI environment — human, agent, sub-agent, connection, and ephemeral.
Identity Landscape & HIT → AIT Delegation Chain
— Live identity breakdown (8 humans, 127 agents, 738 connections), Human vs Non-Human breakdown, identity composition spectrum, and blockchain-verified HIT → AIT chain with Verified and Immutable Chain Record status.
HUMAN IDENTITIES
8
Employees — the root of all delegation chains
AI AGENTS
127
Each governed by a scoped, time-bound AIT
CONNECTIONS
738
System-to-system interactions — 78% of total identity surface
H : NH RATIO
1 : 117.9
For every 1 human, 117.9 non-human identities operate
LIVE PRODUCT ———
Real visibility into your
identity landscape.
The nxtID dashboard gives security and compliance teams a real-time view of every identity operating across their agentic AI environment — human, agent, sub-agent, connection, and ephemeral.
Agent Execution Audit Log
— Per-agent tool call log showing AI type (Grok, OpenAI), tool name, AIT ID, authority level, and blockchain anchors. 99 logged executions with full replay capability.
Authority Level Analysis & Action Inventory
— Sankey-style flow showing how each authority level (Informational → Override-Capable) routes to Conversation vs. Action execution. Privilege distribution table and per-tool risk profiles with success rates.
——— THE ASTP FRAMEWORK ———
Four principles.
Zero accountability gaps.
Every identity issued by nxtID adheres to the ASTP framework — the governing standard that ensures every agentic action is attributable, scoped, time-bound, and provable.
A
ATTRIBUTABLE
Every action traces to a human
The HIT (Human Identity Token) creates an unbreakable cryptographic link between every agentic action and the human principal who delegated authority. There is no anonymous AI execution.
HIT issued at human authentication time
Delegation chain preserved end-to-end
Cross-system attribution with zero gaps
S
SCOPED
Least-privilege at the agent level
Every AIT (Agent Identity Token) is bound to a specific task, resource set, and action type. Agents cannot access systems or perform actions outside their explicit authorization — regardless of underlying IAM permissions.
Task-specific permission binding
Resource-level access constraints
Action-type whitelisting per execution
T
TIME-BOUND
No persistent credentials for agents
AITs carry explicit expiry enforced at the platform level. Ephemeral Execution Contexts operate on Micro-Runtime TTLs — tokens auto-expire at task completion, eliminating persistent credential risk entirely.
Micro-Runtime TTL down to milliseconds
Automatic token revocation on completion
No long-lived service accounts for agents
P
PROVABLE
Cryptographic proof of every action
Every identity event, delegation step, and execution outcome is anchored to a decentralized cryptographic ledger. No PII is stored on-chain — only hash-based commitments that enable deterministic audit replay.
Hash-anchored immutable audit trail
Deterministic replay for forensic audit
Zero PII exposure on ledger
TOKEN ARCHITECTURE ———
Two tokens.
Complete accountability.
nxtID's dual-token model creates the identity foundation for every interaction between humans, agents, and enterprise systems.
HUMAN IDENTITY TOKEN
HIT
The human anchor of the delegation chain
Issued at human authentication time via your existing IAM provider. The HIT creates a persistent, cryptographically-signed record of the human principal authorizing agentic activity — it is the root of all accountability.
VALIDITY
Session-scoped; revocable at any time by the enterprise
ANCHORS TO
All downstream AITs and execution contexts
ON LEDGER
Hash commitment only — no PII stored on-chain
ISSUED BY
Your IAM provider (Okta, Entra ID, Ping, Google, SAML)
AGENT IDENTITY TOKEN
AIT
The agent's governed execution credential
Issued to each AI agent at task initiation. Every AIT is cryptographically linked to the originating HIT, scoped to a specific task and resource set, and carries a hard expiry enforced at the platform level.
SCOPE
Task-specific permissions, resource constraints, action types
TTL
Micro-Runtime — expires at task completion or hard limit
SPAWNS
Ephemeral Execution Contexts (sub-millisecond identities)
LINKED TO
Parent HIT — full delegation lineage preserved
IDENTITY LIFECYCLE ———
From login to ledger.
Every step governed.
👤
Human Auth
User authenticates via enterprise IAM
🪙
HIT Issued
Human Identity Token created & anchored
🤖
AIT Issued
Agent token scoped to specific task
⚡
Execution
Ephemeral context spawned with Micro-TTL
🔒
TTL Expiry
Token auto-revoked at task completion
📜
Ledger Proof
Cryptographic hash anchored immutably
INTEGRATIONS ———
Augments your IAM.
No rip-and-replace.
📡
Standards-Based Protocol Support
Full support for SAML, OAuth 2.0, and OIDC — enabling compatibility with any identity provider that adheres to modern authentication standards.
🤝
Identity Verification (IDV) Layer
Optional integration with CLEAR, Incode, and AuthID for biometric-grade identity verification at the human principal layer — elevating trust for high-assurance environments.
⚙️
Agent Orchestration Compatibility
Works alongside AWS, Azure, Sentrial, MeshAgent, and Trinity Technologies agent infrastructure — AIT injection is handled at the orchestration layer with no code changes required in the agent itself.
🔌
Native IAM Connectors
Pre-built connectors for Okta, Microsoft Entra ID, Ping Identity, and Google Identity / Workspace. HIT issuance is triggered at authentication with zero changes to existing IAM configuration.
IAM PROVIDERS
IDENTITY VERIFICATION
AGENT INFRASTRUCTURE
AI MODELS GOVERNED
nxtID operates as an identity governance layer — it integrates with your existing stack without modifying underlying model behavior or IAM policy.
USE CASES ———
Built for the industries
where accountability is non-negotiable.
🏥
Healthcare AI Governance
Ensure every clinical AI decision — from diagnostic assistance to care coordination — is traceable to a licensed clinician with documented authorization, meeting HIPAA audit requirements.
🏦
Financial Services Compliance
Govern AI agents executing trades, processing transactions, or accessing customer financial data with scoped authority, immutable audit trails, and real-time revocation capability.
🏛️
Government & Defense
Apply zero-trust identity principles to autonomous systems operating in classified or sensitive environments, with provable chain-of-custody for every action taken by AI systems.
☁️
Cloud Infrastructure Automation
Prevent runaway agents from over-provisioning, misconfiguring, or exfiltrating data — every infrastructure automation action is scoped, time-limited, and attributable to a human approver.
⚖️
Legal & Contract AI
Ensure AI-assisted contract review, e-discovery, and legal research is governed by attorney-of-record identity linkage, with full audit trails for professional liability purposes.
🔬
Life Sciences & Research
Govern AI agents performing literature synthesis, clinical trial data analysis, or regulatory submission drafting — with attribution chains meeting FDA 21 CFR Part 11 requirements.
PATENT PORTFOLIO ———
Proprietary technology.
Defensible innovation.
ISSUED
US 11,507,754
Identity lifecycle management for agentic AI systems
ISSUED
US 11,927,436
Blockchain-based authentication for AI agent authorization
ISSUED
US 9,626,359
Scoped delegation framework for non-human principals
ISSUED
US 12,418,417
Real-time behavioral auditing for autonomous AI execution
ISSUED
US 12,483,411
Dynamic data security for ephemeral identity contexts
ISSUED
US 12,574,251
Cryptographic proof of agentic authority delegation
PADING
US 18/777,042
Micro-Runtime TTL enforcement for agentic execution contexts
PADING
US 19/314,928
Human-in-the-loop identity verification for high-assurance AI
PADING
US 19/370,524
Decentralized ledger anchoring for cross-enterprise AI governance