MCP.so
Sign In

Grantex

@mishrasanjeev

About Grantex

grantex is the identity, authorization, and audit infrastructure for AI agents — the "OAuth moment" for the agentic internet. We provide a universal SDK and cloud service that lets any AI agent act on behalf of a human with scoped, revocable permissions, cryptographic identity, a

Basic information

Category

Developer Tools

License

NOASSERTION

Runtime

node

Transports

stdio

Publisher

mishrasanjeev

Submitted by

Sanjeev Kumar

Config

Add this server to your MCP-compatible client using the configuration below.

{
  "mcpServers": {
    "grantex": {
      "command": "npx",
      "args": [
        "-y",
        "@grantex/mcp"
      ],
      "env": {
        "GRANTEX_API_KEY": "your-api-key"
      }
    }
  }
}

Tools

No tools detected

We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.

Overview

What is Grantex?

Grantex is a delegated authorization protocol for AI agents, analogous to OAuth 2.0 for humans. It provides scoped consent, per-agent identity, granular revocation, and spending limits for agent actions. The Grantex MCP server implements OAuth 2.1 + PKCE for MCP servers and serves as an OACP (Open Agent Commerce Protocol) authority for agentic commerce, signing and verifying artifacts while remaining separate from merchant connector runtime or payment execution.

How to use Grantex?

Install the Grantex SDK (npm install @grantex/sdk, pip install grantex, or go get github.com/mishrasanjeev/grantex-go) and configure with an API key. Register an agent, request authorization from a user (via Grantex consent UI), exchange the authorization code for a signed RS256 JWT grant token, then verify the token offline using published JWKS. For MCP servers, use the MCP Auth Server in managed or self-hosted mode with OAuth 2.1 + PKCE.

Key features of Grantex

  • Offline token verification using published JWKS (no network call needed)
  • Per-agent identity and scoped consent for end users
  • Granular revocation of individual agent access
  • Spending limits on agent actions (e.g., payments:initiate:max_500)
  • Audit logging for every agent action
  • MCP Auth Server with OAuth 2.1 + PKCE support
  • Public trust registry and anomaly detection with integrations

Use cases of Grantex

  • AI travel agents booking flights and hotels on behalf of users with specific spending limits
  • AI email agents that can send emails only after user consent and with scoped permissions
  • Deploying AI agents that interact with cloud APIs without exposing full API keys
  • Agentic commerce where buyer and seller agents negotiate and execute transactions under verified authority
  • Multi-agent systems where one agent delegates to another with controlled scopes

FAQ from Grantex

How is Grantex different from OAuth?

OAuth solves delegated authorization for web apps; Grantex solves the same problem for AI agents, adding per-agent identity, scoped consent, revocation granularity, and spending limits that OAuth does not provide for agents.

What are the runtime dependencies?

The Grantex SDK supports TypeScript, Python, and Go. The MCP Auth Server can be self-hosted. The protocol is fully self-hostable under Apache 2.0 license. No external runtime is required to verify tokens; offline verification uses published JWKS.

Where does Grantex store data?

Grantex operates a cloud service (api.grantex.dev) and a public trust registry at grantex.dev/registry. The protocol is self-hostable, so data can reside on your own infrastructure. Grantex is not a merchant connector runtime and does not store payment or order execution data.

What are the known limits of Grantex?

Grantex is an OACP artifact authority only; it does not execute payments, orders, or POS transactions. It does not act as a toll booth for every buyer and seller message. The MCP Auth Server is separate from the Grantex protocol authority.

What transports and authentication methods are supported?

The Grantex API uses HTTPS with API key authentication for server-side operations. The MCP Auth Server supports OAuth 2.1 + PKCE. Token verification is offline via JWKS. The protocol works over HTTP/HTTPS and can be used with any transport that supports signed JWTs.

Comments

More Developer Tools MCP servers