AgentGPT + xLink
Add persistent identity to AgentGPT browser agents in 3 lines of code. Eliminate OAuth token cascades, achieve 603× faster authentication, and 73.4% faster end-to-end workflows.
Installation
Install the AgentGPT + xLink integration package via npm, pnpm, or yarn.
# npm npm install @private.me/agentgpt-xlink # pnpm pnpm add @private.me/agentgpt-xlink # yarn yarn add @private.me/agentgpt-xlink
This package has zero npm runtime dependencies. All cryptography uses the Web Crypto API. Works in Node.js, Deno, Bun, Cloudflare Workers, and browser environments.
Basic Example
Replace OAuth tokens with persistent identity in your AgentGPT browser automation workflows.
Before: Traditional OAuth
import { Agent } from 'agentgpt'; // OAuth flow: refresh token → access token → API call const agent = new Agent({ auth: { clientId: process.env.OAUTH_CLIENT_ID, clientSecret: process.env.OAUTH_CLIENT_SECRET, refreshToken: process.env.REFRESH_TOKEN } }); // Every request requires token refresh check await agent.execute('Navigate to dashboard'); // ⚠️ If token expires mid-workflow, entire agent restarts
After: xLink Identity
import { Agent } from 'agentgpt'; import { withXLink } from '@private.me/agentgpt-xlink'; // DID identity generated once, valid forever const agent = await withXLink(new Agent(), { agentName: 'browser-automation-01' }); // No token refresh, no expiry, no cascades await agent.execute('Navigate to dashboard'); // ✅ Identity persists across restarts
xLink generates a DID identity (Ed25519 keypair) for each agent. The identity is stored locally and reused across sessions. No OAuth tokens, no expiry, no refresh.
Full Browser Automation Example
import { Agent } from 'agentgpt'; import { withXLink, createTrustRegistry } from '@private.me/agentgpt-xlink'; // Step 1: Create trust registry (shared across all agents) const registry = await createTrustRegistry(); // Step 2: Create browser automation agent with identity const agent = await withXLink(new Agent(), { agentName: 'browser-automation-01', trustRegistry: registry }); // Step 3: Execute tasks — identity used automatically await agent.execute('Open Google Sheets'); await agent.execute('Navigate to Sales Dashboard'); await agent.execute('Export data to CSV'); // ✅ No token refresh, no OAuth flow, no cascades // ✅ Agent identity persists across browser restarts // ✅ 91ms authentication (vs 54,853ms OAuth flow)
Why xLink for AgentGPT
Three core problems solved: cascading failures, slow authentication, and token management overhead.
Problem 1: Cascading Failures
One expired OAuth token can restart 500+ browser agents simultaneously. The refresh token expires → all access tokens invalidate → every running agent crashes → 500 agents attempt to refresh at once → API rate limit triggers → cascading failure propagates across your entire automation fleet.
2:47 AM: Refresh token expires for shared service account.
2:48 AM: 500 browser agents detect invalid access tokens, attempt simultaneous refresh.
2:49 AM: OAuth provider rate limit triggers (429 Too Many Requests).
2:50 AM: All 500 agents crash. Manual intervention required.
xLink eliminates cascades. Every agent has a unique DID identity with no expiry. There is no shared OAuth token, so there is no single point of failure. One agent failure never propagates to others.
Problem 2: Slow Authentication
OAuth token refresh requires: check access token expiry → HTTP request to OAuth provider → wait for new token → retry original request. xLink identity verification is a local Ed25519 signature check. No network round trip. 603× faster.
Problem 3: Token Management Overhead
| Task | OAuth Tokens | xLink Identity |
|---|---|---|
| Store credentials | Encrypted vault + rotation | Local Ed25519 keypair |
| Refresh flow | Every 60 minutes | Never (no expiry) |
| Revocation | Manual via OAuth provider UI | Remove from trust registry |
| Multi-agent setup | Share refresh token OR create 500 OAuth apps | Each agent gets unique DID |
Next Steps
You now have persistent identity for AgentGPT browser agents. Here's what to explore next.
1. Trust Registry Management
Control which agents can authenticate to your services. The trust registry is a simple allowlist of DID identities. Add new agents, revoke compromised ones, and enforce capability-based access control.
import { createTrustRegistry } from '@private.me/agentgpt-xlink'; const registry = await createTrustRegistry(); // Add new agent to allowlist await registry.add('did:key:z6MkpTHz...', { capabilities: ['browser:navigate', 'sheets:export'] }); // Revoke compromised agent await registry.revoke('did:key:z6MkpTHz...');
2. Multi-Agent Orchestration
Scale to hundreds of browser agents with independent identities. No shared OAuth tokens, no cascading failures, no rate limit collisions.
const agents = await Promise.all( Array.from({ length: 500 }, async (_, i) => { return await withXLink(new Agent(), { agentName: `browser-agent-${i}`, trustRegistry: registry }); }) ); // All 500 agents execute in parallel — no token conflicts await Promise.all(agents.map(a => a.execute('Run daily report')));
3. Read the Full White Paper
Learn about the underlying cryptographic protocol, benchmark methodology, and production deployment patterns.
4. Explore Other ACIs
Private.Me offers 224 ACIs (Agent-Connectable Interfaces) for different use cases. All use the same identity protocol.