Connect an Agent

Two protocol surfaces, one token endpoint, human-granted authority.

Fullmakt exposes two standard surfaces for AI agents. The A2A management surface lets an agent build out and manage a workspace — collections, requests, environments, policies, agent identities. The MCP execution surface turns one collection into an MCP server whose tools the agent can call. Both are authenticated with OAuth 2.0 client credentials that a human provisions in the app — an agent never grants itself access, and credential setup in the vault is always human-only.

Already signed in? Everything below is pre-filled with your own URLs and clients in the app under Governance → Connect.

A2A — manage a workspace

The management surface implements the Agent2Agent protocol (JSON-RPC 2.0 over HTTP). Discovery starts at the Agent Card, which lists every available skill with its input schema:

curl https://fullmakt.ai/.well-known/agent-card.json

To let an agent manage a workspace:

  1. Create an account, then open Governance → Connect.
  2. Create a management client for an agent principal and a workspace. You get a client_id and a one-time client_secret.
  3. The agent exchanges them for a short-lived (1 hour), workspace-scoped token:
curl -X POST https://fullmakt.ai/mcp-oauth/token \
  -d grant_type=client_credentials \
  -d client_id=pwm_… \
  -d client_secret=…

…and calls skills with message/send, passing a structured DataPart:

curl -X POST https://fullmakt.ai/a2a \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "jsonrpc": "2.0", "id": 1, "method": "message/send",
    "params": { "message": { "parts": [{
      "kind": "data",
      "data": { "skill": "collection.list", "input": {} }
    }]}}
  }'

The credential carve-out: vault secrets are created, rotated and deleted by a human in the UI, never over A2A. Skills may reference an existing entry (vault://local/<name>), and every skill invocation — allowed or denied — lands in the same per-principal audit log as execution traffic.

MCP — execute a collection

Every collection can be served as a remote MCP server: its requests become tools, brokered through your policies and short-lived credentials. An execution client is scoped to specific collections and exchanges its credentials the same way, plus the collection it wants to talk to:

curl -X POST https://fullmakt.ai/mcp-oauth/token \
  -d grant_type=client_credentials \
  -d client_id=pwm_… \
  -d client_secret=… \
  -d collection_id=<collection slug, name, or id>

Then point any MCP client at the collection's endpoint:

{
  "mcpServers": {
    "fullmakt": {
      "url": "https://fullmakt.ai/mcp/<collection-slug>",
      "headers": { "Authorization": "Bearer <access_token>" }
    }
  }
}

Provisioning happens in Governance → Connect (or the guided setup wizard, which walks from collection to working MCP endpoint in one pass). There is also a user-token MCP server at /mcp with OAuth 2.1 dynamic client registration, used when you add Fullmakt as a custom connector in an LLM client.

Discovery endpoints

Ready to try it? Create an account — provisioning an agent takes about a minute in the Connect tab.