Connect an Agent
Two protocol surfaces, one token endpoint, human-granted authority.
Fullmakt exposes two standard surfaces for AI agents. The A2A management surface lets an agent build out and manage a workspace — collections, requests, environments, policies, agent identities. The MCP execution surface turns one collection into an MCP server whose tools the agent can call. Both are authenticated with OAuth 2.0 client credentials that a human provisions in the app — an agent never grants itself access, and credential setup in the vault is always human-only.
Already signed in? Everything below is pre-filled with your own URLs and clients in the app under Governance → Connect.
A2A — manage a workspace
The management surface implements the Agent2Agent protocol (JSON-RPC 2.0 over HTTP). Discovery starts at the Agent Card, which lists every available skill with its input schema:
curl https://fullmakt.ai/.well-known/agent-card.json
To let an agent manage a workspace:
- Create an account, then open Governance → Connect.
- Create a management client for an agent principal and a workspace.
You get a
client_idand a one-timeclient_secret. - The agent exchanges them for a short-lived (1 hour), workspace-scoped token:
curl -X POST https://fullmakt.ai/mcp-oauth/token \
-d grant_type=client_credentials \
-d client_id=pwm_… \
-d client_secret=…
…and calls skills with message/send, passing a structured DataPart:
curl -X POST https://fullmakt.ai/a2a \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{
"jsonrpc": "2.0", "id": 1, "method": "message/send",
"params": { "message": { "parts": [{
"kind": "data",
"data": { "skill": "collection.list", "input": {} }
}]}}
}'
The credential carve-out: vault secrets are created, rotated and deleted
by a human in the UI, never over A2A. Skills may reference an existing entry
(vault://local/<name>), and every skill invocation — allowed or denied —
lands in the same per-principal audit log as execution traffic.
MCP — execute a collection
Every collection can be served as a remote MCP server: its requests become tools, brokered through your policies and short-lived credentials. An execution client is scoped to specific collections and exchanges its credentials the same way, plus the collection it wants to talk to:
curl -X POST https://fullmakt.ai/mcp-oauth/token \
-d grant_type=client_credentials \
-d client_id=pwm_… \
-d client_secret=… \
-d collection_id=<collection slug, name, or id>
Then point any MCP client at the collection's endpoint:
{
"mcpServers": {
"fullmakt": {
"url": "https://fullmakt.ai/mcp/<collection-slug>",
"headers": { "Authorization": "Bearer <access_token>" }
}
}
}
Provisioning happens in Governance → Connect (or the guided
setup wizard, which walks from collection to working MCP endpoint in one
pass). There is also a user-token MCP server at /mcp with OAuth 2.1 dynamic
client registration, used when you add Fullmakt as a custom connector in an LLM client.
Discovery endpoints
/.well-known/agent-card.json— A2A Agent Card: skills, schemas, auth./mcp/health— anonymous wiring report: the exact MCP, A2A, and OAuth URLs this deployment serves./.well-known/oauth-protected-resourceand/.well-known/oauth-authorization-server— OAuth metadata for spec-following MCP clients.
Ready to try it? Create an account — provisioning an agent takes about a minute in the Connect tab.