Compliance infrastructure

Compliance gating for agentic payments

Agents pay with wallets. You need to know if the buyer is sanctioned, underage, or in a restricted jurisdiction — before you deliver.

View Docs Talk to Sales

When an agent pays your API with a wallet

No signup form — no name, no email, no identity
No country — wallets don’t have jurisdictions
No age — can’t tell if the buyer is 13 or 30
No compliance — you’re liable if you sell to a sanctioned entity

You're taking money from anonymous wallets and hoping for the best.

One API call. Full compliance.

POST /v1/assess

We resolve the wallet to its operator
We check their KYC, sanctions, age, jurisdiction
We return allow or deny with a reason
If denied, the agent gets a verify URL to self-serve

You define the policy. We enforce it.

Example policy

{
  "require_kyc": true,
  "require_sanctions_clear": true,
  "min_age": 21,
  "blocked_jurisdictions": ["IR", "CU", "KP"]
}

Built for regulated API vendors

PII & data enrichment

GDPR/CCPA liability selling PII to unverified agents. Gate access before delivering sensitive data.

Sanctions + jurisdiction

Age-restricted products

Products and services restricted by age. Verify the operator behind the wallet meets the minimum.

Age 18+ / 21+

B2B only services

Wholesale and B2B APIs that should only serve verified business entities, not individuals.

Entity type = business

Export-controlled software

Encryption, AI models, and other export-controlled software that cannot be sold to restricted countries.

Jurisdiction not restricted

High-value transactions

High-value financial services that require the full suite of compliance checks before transacting.

Full compliance + min score

Three lines of code

Drop in the gate middleware. Define your policy. Ship it.

import { agentscoreGate } from "@agent-score/gate";

app.use(
  agentscoreGate({
    apiKey: process.env.AGENTSCORE_API_KEY,
    requireKyc: true,
    requireSanctionsClear: true,
    minAge: 21,
  })
);

What happens when an agent is denied

No friction for Passport holders. Self-service onboarding for new ones.

Agent pays you

An agent sends a payment to your API using a wallet address.

Your gate calls AgentScore

The assess endpoint checks the wallet against your compliance policy.

No Passport — deny

The operator behind the wallet has not verified. The transaction is denied.

Agent gets a verify URL

The deny response includes a verify_url the agent can follow.

Operator gets their Passport

Free, takes less than 3 minutes. Quick identity verification.

Agent retries — allow

The operator is now verified. The same transaction succeeds.

Trust and privacy

We never store PII — ID documents stay with the KYC provider
Sellers get binary decisions (allow/deny), never personal data
7-year audit trail for every compliance check
Sandbox mode for testing before going live

Included in Pro ($100/mo)· 1,000 checks · Sandbox mode · 7-year audit trail

View Docs Talk to Sales

One API call. Full compliance.

POST /v1/assess

We resolve the wallet to its operator

We check their KYC, sanctions, age, jurisdiction

We return allow or deny with a reason

If denied, the agent gets a verify URL to self-serve

You define the policy. We enforce it.

Example policy

{
  "require_kyc": true,
  "require_sanctions_clear": true,
  "min_age": 21,
  "blocked_jurisdictions": ["IR", "CU", "KP"]
}

Built for regulated API vendors

PII & data enrichment

GDPR/CCPA liability selling PII to unverified agents. Gate access before delivering sensitive data.

Sanctions + jurisdiction

Age-restricted products

Products and services restricted by age. Verify the operator behind the wallet meets the minimum.

Age 18+ / 21+

B2B only services

Wholesale and B2B APIs that should only serve verified business entities, not individuals.

Entity type = business

Export-controlled software

Encryption, AI models, and other export-controlled software that cannot be sold to restricted countries.

Jurisdiction not restricted

High-value transactions

High-value financial services that require the full suite of compliance checks before transacting.

Full compliance + min score

import { agentscoreGate } from "@agent-score/gate"; app.use( agentscoreGate({ apiKey: process.env.AGENTSCORE_API_KEY, requireKyc: true, requireSanctionsClear: true, minAge: 21, }) );

What happens when an agent is denied

No friction for Passport holders. Self-service onboarding for new ones.

Agent pays you

An agent sends a payment to your API using a wallet address.

Your gate calls AgentScore

The assess endpoint checks the wallet against your compliance policy.

No Passport — deny

The operator behind the wallet has not verified. The transaction is denied.

Agent gets a verify URL

The deny response includes a verify_url the agent can follow.

Operator gets their Passport

Free, takes less than 3 minutes. Quick identity verification.

Agent retries — allow

The operator is now verified. The same transaction succeeds.

Trust and privacy

We never store PII — ID documents stay with the KYC provider

Sellers get binary decisions (allow/deny), never personal data

7-year audit trail for every compliance check

Sandbox mode for testing before going live

Included in Pro ($100/mo)· 1,000 checks · Sandbox mode · 7-year audit trail

View Docs Talk to Sales