Identity Issue
identity_issueIssue a managed identity for an agent, requiring admin role and audit reason. Returns the raw token once.
Instructions
Issue a managed agent identity. Requires admin role, identity:write scope, and an audit reason. Returns the raw token once.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| role | No | Identity role label, for example agent or service. | agent |
| reason | No | Human audit reason for issuing the identity. | |
| agent_id | Yes | Agent identifier the issued identity represents. | |
| tenant_id | No | Tenant scope for the identity and audit logging. | default |
| ttl_seconds | No | Identity lifetime in seconds. | |
| blueprint_id | No | Optional runtime blueprint id bound to the identity. | |
| allowed_tools | No | Comma-separated per-tool scope allowlist. Empty means any tool. | |
| operator_role | No | Operator role for this write action. Must be admin. | viewer |
| operator_scopes | No | Comma-separated operator scopes. Must include identity:write. |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
| result | Yes |