No Client Identity

Create one to connect to servers

Authorization Builder

Build delegation constraints, visualize authorization chains, and test different scenarios to understand how MCP-I permission boundaries work. When an agent makes a request, authority is verified bottom-up through the chain.

-/-

You

did:key:z6Mk...ple...

Travel Agent

did:web:trav...xample

booking:*calendar:read

≤$200

Booking Tool

did:key:z6Mk...456789

booking:searchbooking:reserve

Select a scenario to trace authority through the chain.

Scope-Based Access

Define exactly what operations are allowed using scopes like payment:* or files:read.

Time-Bounded Permissions

Set precise activation and expiry times. Delegations automatically become invalid after their time window passes.

Budget Constraints

Cap spending with CRISP budget constraints. Limit by USD, operations, or custom units with rolling or fixed windows.

Related Resources

Create an identity first Explore proof generation CRISP Spec Reference