End-to-end encrypted, biometric-signed authorization via zero-knowledge relay. Built on HARP, an open protocol.
npx @humanauth/cli pair
Add human authorization to any agent in under a minute.
// Add to your agent's MCP config — that's it
{
  "mcpServers": {
    "humanauth": {
      "command": "npx",
      "args": ["@humanauth/mcp"]
    }
  }
}
// Your agent now has: human_authorize, human_collect, human_inform
Run npx @humanauth/cli pair — a QR code appears in your terminal
Open the HumanAuth App and scan the QR code
X25519 key exchange establishes a shared secret — stored on your device's secure enclave and via a pluggable storage backend on the agent (file, database, KMS). Never on the relay.
Agent calls auth.authorize() — encrypted and sent through the relay.
Push notification arrives. Confirm with Face ID or fingerprint. The app signs the response with an Ed25519 key locked in your device's secure enclave.
Agent verifies the Ed25519 signature against the public key from pairing — cryptographic proof it was you, not the relay or anyone else.
Your agent sends an encrypted request through the relay. Only your phone can decrypt it.
Your agent calls auth.authorize() — the SDK builds this payload:
{
  "intent": "authorize",
  "action": "deploy_production",
  "description": "Deploy v2.1 to us-east-1",
  "severity": "critical",
  "assurance": "biometric"
}
Payload encrypted with XChaCha20-Poly1305. The relay only sees routing metadata:
{
  "version": 1,
  "request_id": "01913a4b...",
  "pair_id": "ab7f2e91...",
  "timestamp": 1713024000,
  "ttl": 300,
  "nonce": "x4k9m2q7...",
  "payload": "a3f8b1c9d2..."
}
{
  "intent": "authorize",
  "action": "deploy_prod...",
  "description": "Deploy v2.1",
  "severity": "critical"
}
Only your device holds the shared secret. Confirm with Face ID to sign the response.
// Encrypted + Ed25519 signed
{
  "request_id": "01913a4b...",
  "decision": "approved",
  "decided_at": 1713024012,
  "signature": "ed25519:7f3b9a..."
}
Cryptographic proof of human intent. The response is signed with a key derived from the pairing secret and bound to the user's biometric authentication.
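The agent-side check from the steps above (verify the Ed25519 signature against the public key from pairing), as an added example that is not HumanAuth SDK code or part of the HARP specification. It assumes the signature covers request_id, decision and decided_at serialized as a JSON array, hex-encoded after the ed25519: prefix; verifyResponse, signingInput and deviceSign are hypothetical names, and the key pair and request values are constructed.

```javascript
const crypto = require('node:crypto');

// ASSUMPTION: the signature covers these three fields, serialized as a JSON
// array in this order. The page does not show HARP's real signing input.
function signingInput(r) {
  return Buffer.from(JSON.stringify([r.request_id, r.decision, r.decided_at]));
}

// Hypothetical helper. `request` is what the agent sent (request_id, timestamp,
// ttl); `pairedKey` is the device's Ed25519 public key stored at pairing.
function verifyResponse(resp, request, pairedKey) {
  const [alg, hex] = String(resp.signature || '').split(':');
  if (alg !== 'ed25519' || !/^[0-9a-f]{128}$/.test(hex || '')) return 'bad-signature-format';
  // Verify first: no field is trusted until the signature checks out.
  const sig = Buffer.from(hex, 'hex');
  if (!crypto.verify(null, signingInput(resp), pairedKey, sig)) return 'bad-signature';
  // Bind the approval to the outstanding request so an earlier one cannot be replayed.
  if (resp.request_id !== request.request_id) return 'request-mismatch';
  // The decision must fall inside the request's validity window (timestamp + ttl).
  const deadline = request.timestamp + request.ttl;
  if (resp.decided_at < request.timestamp || resp.decided_at > deadline) return 'expired';
  return resp.decision === 'approved' ? 'approved' : 'denied';
}

// Constructed sample data: a throwaway key pair stands in for the phone.
const device = crypto.generateKeyPairSync('ed25519');
const request = { request_id: 'req-0001', timestamp: 1713024000, ttl: 300 };
function deviceSign(fields, key = device.privateKey) {
  const sig = crypto.sign(null, signingInput(fields), key).toString('hex');
  return { ...fields, signature: 'ed25519:' + sig };
}

const good = deviceSign({ request_id: 'req-0001', decision: 'approved', decided_at: 1713024012 });
// A denial whose decision field is rewritten in transit no longer matches its signature.
const flipped = { ...deviceSign({ ...good, decision: 'denied' }), decision: 'approved' };
// Validly signed approvals for another request, or decided after the TTL.
const replayed = deviceSign({ ...good, request_id: 'req-0000' });
const late = deviceSign({ ...good, decided_at: 1713024301 });
// Signed by a key that was never paired.
const stranger = deviceSign(good, crypto.generateKeyPairSync('ed25519').privateKey);

for (const [name, r] of Object.entries({ good, flipped, replayed, late, stranger })) {
  console.log(name.padEnd(9), verifyResponse(r, request, device.publicKey));
}
```

Only the first case is accepted; a valid signature alone is not enough, since the replayed and late responses are correctly signed and still rejected.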
Drop-in integration with popular agent frameworks.
Drop-in MCP server. Zero code changes to your agent.
Add human-in-the-loop authorization to any LangChain agent.
Gate critical crew actions with biometric authorization.
Add authorization checkpoints to multi-agent workflows.
Full SDK for any TypeScript or Python agent.
Review and authorize agent actions from your phone. Biometric authentication with Face ID or fingerprint. Push notifications keep you in the loop.
Available for iOS 16+ and Android 12+
HARP is an open, MIT-licensed protocol. Self-host the relay, bring your own app, build custom clients. We built the protocol. You own the infrastructure.