SPIFFE / WIMSE
Open standards for verifiable workload identity. Highflame extends them with agent-shaped claims for delegation, trust, and attribution.
Part of the Agent Control Fabric: Highflame's identity, policy, and enforcement substrate for AI agents.
Keep exploring the glossary.
Trust tier
A provenance-based level on an agent's identity (first-party/attested, verified third-party, or unverified) that gates what the agent is eligible for and tightens its policy. It is a verified input to every decision, never a bypass: each action is still authorized per request, so there is no implicit trust.
Read →ZeroID
Highflame's open-source agent identity core (Apache 2.0), built on OAuth 2.1, SPIFFE/WIMSE, and RFC 8693: the inspectable foundation beneath Highflame Identity.
Read →A2A (Agent-to-Agent)
Communication where one agent delegates work to, or calls, another agent. Each hop has to carry identity and narrow scope. Or authority leaks down the chain.
Read →Adaptive guardrails
Runtime controls that tighten themselves as new signals and attack patterns emerge, instead of relying on static rules someone has to keep updating.
Read →Agent Control Fabric
Highflame's term for the identity, policy, and enforcement substrate that governs every agent action at every boundary it crosses: one layer, not a bundle of point tools.
Read →Agent identity
A verifiable, cryptographic credential issued to an agent that carries agent-shaped claims (owner, trust tier, framework, delegation depth) so every action traces back to a named human.
Read →