Integrations · composition matrix
Composes with the stack you already have.
KYE Protocol™ is additive. Identity, workload identity, agent passport, decision API, transparency, signal-bus, policy engine, storage — one matrix showing how every layer slots in.
Composes with the stack you already have.
KYE Protocol™ is additive. It does not replace your identity provider, your authorisation engine, your audit log, or your KYA vendor — it ties them together via one open contract. This page maps how each layer slots in.
| Layer | Existing standard / vendor | How KYE™ composes |
|---|---|---|
| Human auth | OAuth 2.1, OIDC, SAML, GNAP | The OAuth/OIDC token issuer becomes a credential issuer in KYE™’s vocabulary; KYE™’s delegation chain attaches scope and state to the resulting principal. |
| Workload identity | SPIFFE / SPIRE (SVIDs) | SVIDs become entity URNs (kye:workload:<td>:<sub>:<local>); KYE™ adds delegation, capability, decision and audit on top. |
| AI agent ↔ tool | Anthropic MCP | MCP tools become first-class capability entities; every MCP invocation becomes a KYE™ authorize call with the agent’s delegation chain attached. |
| Agent registration | Google A2A / ADK | Agent metadata feeds the KYE™ entity registry; KYE™ adds runtime authority, scope, state, and signed audit. |
| Decision API shape | OpenID AuthZEN | KYE™’s POST /v1/runtime/authorize is AuthZEN-compatible; reason codes, obligations, evidence refs are KYE-specific extensions. |
| Transparency receipts | OpenSSF SCITT | KYE™ proof bundles are emitted as SCITT statements; SCITT receipts attach to KYE™ evidence packs. |
| Stop-event distribution | OpenID SSF / CAEP | KYE™ signal bus emits SSF-shaped events for compromise / cascade revoke / quarantine; downstream SSF receivers act on them. |
| Agent passport | Visa Trusted Agent / Skyfire / Persona / Sumsub / Trulioo (KYA) | Agent passport becomes a credential entity; KYE™’s authority chain governs what the agent does with the passport, across vendors. |
| Policy engines | OPA Rego / Cerbos / Cedar / AWS IAM | KYE™ ships Rego (5), Cerbos (4), Cedar (1) reference bundles. Bring your own engine; KYE™ provides the input shape and the obligation grammar. |
| Storage | Postgres / Neo4j / Neptune / Memgraph / TigerGraph / ArangoDB / RDF | KYE™ objects project into any graph or relational store; the protocol defines node + edge contracts, not the database. |
For implementation help with any specific composition, open a discussion at KYE-Protocol/Discussions or use the Talk to us modal.