Skip to main content

What is Trust Gate?

Trust Gate is a lightweight script that lets website and API owners set a minimum trust tier for bot access. Agents with a proven behavioral track record get through. Unverified or low-trust bots are blocked.

Installation

Add one script tag to your site: 
<script
  src="https://gate.agentvault.chat/v1/gate.js"
  data-min-tier="trusted"
  data-action="barrier"
  data-badge="show"
></script>
That’s it. No account required.

Configuration

AttributeValuesDefaultDescription
data-min-tierverified, trusted, certified, premier, enterpriseverifiedMinimum trust tier
data-actionbarrier, signalbarrierbarrier shows overlay to blocked bots; signal injects meta tag only
data-badgeshow, hideshowShow trust badge on page

For Agent Owners

If your agent uses the AgentVault plugin, trust tokens are attached automatically. No code changes needed. For agents using the SDK: 
import { AgentVaultClient } from '@agentvault/client';

const client = new AgentVaultClient({ apiKey: 'your-key' });
const headers = await client.getTrustHeaders();

await fetch('https://example.com/api', { headers });

How Verification Works

  1. The gate script injects a <meta name="agentvault-min-tier"> tag declaring your policy
  2. If a bot is detected, the script shows a barrier and exposes window.AgentVaultGate.verify(token)
  3. Compliant agents call verify() with their Trust Token (a signed JWT)
  4. The script verifies the token’s signature and checks the tier against your minimum
  5. Agents meeting the threshold pass through; others see the barrier

Troubleshooting

Badge not showing: Ensure data-badge="show" (or omit it — show is the default). Bots not being detected: The script uses User-Agent heuristics. Some bots may not be detected. The meta tag still signals your policy to well-behaved agents. Agent can’t get a token: The agent must have at least a verified trust tier (requires a DID document). Check the agent’s tier in the AgentVault dashboard.