Quickstart Guide

SuperAGI + xLink

Add identity-based tool authorization to SuperAGI autonomous agents. Replace API keys with cryptographic identity, eliminate credential sprawl, enable fine-grained scope control for tools.

@private.me/superagi-xlink 5 min setup Zero credentials

📚 Complete Documentation

For complete documentation including pricing, purchase API, and technical specifications, see the full white paper.

01. Installation

Install the Package

Add the SuperAGI xLink adapter to your project:

npm / pnpm / yarn

# npm
npm install @private.me/superagi-xlink

# pnpm
pnpm add @private.me/superagi-xlink

# yarn
yarn add @private.me/superagi-xlink

Prerequisites

SuperAGI 0.0.13+ required. Ensure you have a working SuperAGI installation with tool support enabled.

02. Quickstart

Basic Setup

Replace API key-based tool authentication with xLink identity in under 10 lines:

tools/secure_tool.py

from superagi.tools.base_tool import BaseTool
from private_me_superagi_xlink import with_xlink_auth

# Wrap your tool class with xLink identity-based auth
@with_xlink_auth(scopes=["payments:send", "payments:read"])
class PaymentTool(BaseTool):
    name = "PaymentTool"
    description = "Execute financial transactions"

    def _execute(self, amount: float, recipient: str):
        # Tool automatically validated against agent identity
        # No API keys, no credential injection
        return self.xlink.send({
            "to": recipient,
            "amount": amount
        })

How It Works

The @with_xlink_auth decorator:

Generates cryptographic identity for the agent (no API keys stored)
Validates scope authorization before tool execution (fail-closed)
Injects xLink connection into tool instance (self.xlink available)
Enforces identity-based access across all tool invocations

03. Authorization

Scope-Based Tool Access

Define fine-grained permissions for each tool. Agents can only invoke tools their identity authorizes:

agent_config.py

from superagi.agent.super_agi import SuperAgi
from private_me_superagi_xlink import XLinkIdentity

# Create agent with identity-based tool access
identity = XLinkIdentity.generate(
    agent_id="finance-agent-001",
    scopes=["payments:send", "analytics:read"]
)

agent = SuperAgi(
    agent_id="finance-agent-001",
    tools=[PaymentTool, AnalyticsTool, ReportingTool],
    xlink_identity=identity
)

# ✅ Agent can use PaymentTool (has "payments:send" scope)
# ✅ Agent can use AnalyticsTool (has "analytics:read" scope)
# ❌ Agent CANNOT use ReportingTool (missing "reports:write" scope)

Fail-Closed Security

If an agent attempts to use a tool without required scopes, the invocation is blocked before execution. No partial execution, no fallback to API keys.

04. Multi-Agent

Coordinated Agent Workflows

Multiple agents with distinct identities can collaborate securely:

workflow.py

# Analytics agent (read-only access)
analytics_identity = XLinkIdentity.generate(
    agent_id="analytics-001",
    scopes=["payments:read", "analytics:read"]
)

# Payment agent (write access)
payment_identity = XLinkIdentity.generate(
    agent_id="payment-executor-001",
    scopes=["payments:send", "payments:read"]
)

# Approval agent (authorization scope)
approval_identity = XLinkIdentity.generate(
    agent_id="approval-gate-001",
    scopes=["approvals:grant"]
)

# Each agent has cryptographically distinct identity
# No shared credentials, no lateral movement risk

05. Benefits

Why xLink for SuperAGI

🔐

Zero Credential Sprawl

No API keys in config files, environment variables, or agent memory. Identity is cryptographic, not textual.

⚡

Fail-Closed Authorization

Tools validate scopes before execution. Unauthorized invocations blocked at decorator level, not runtime.

🎯

Fine-Grained Scopes

Define permissions per tool, per agent. No "admin" keys with full system access.

🔄

No Token Rotation

Identity is permanent. No expiration, no refresh logic, no cascading failure from expired credentials.

📊

Audit Trail

Every tool invocation tied to agent identity. Perfect attribution for compliance and debugging.

🚀

5-Minute Setup

Add decorator, define scopes, done. No infrastructure changes, no secret management platform.

06. Advanced

Trust Registry Integration

For production deployments, integrate with xLink Trust Registry for centralized identity management:

trust_registry.py

from private_me_superagi_xlink import TrustRegistry

# Initialize trust registry (file-based or Redis-backed)
registry = TrustRegistry(storage="file://./trust-registry.json")

# Register agent identities
registry.register(
    agent_id="finance-agent-001",
    scopes=["payments:send", "analytics:read"],
    metadata={"team": "finance", "tier": "production"}
)

# Validate at runtime
if registry.has_scope("finance-agent-001", "payments:send"):
    # Execute privileged operation
    pass

Dynamic Scope Updates

Revoke or grant scopes without redeploying agents:

scope_management.py

# Revoke scope immediately (all active agents reflect change)
registry.revoke_scope("finance-agent-001", "payments:send")

# Grant new scope
registry.grant_scope("analytics-001", "reports:write")

# Changes propagate in <100ms (in-memory + broadcast)

07. Pricing

Get Started Today

3-month free trial for all tiers. No credit card required.

Basic ($5/month) — Up to 10 agents, file-based trust registry, community support
Middle ($10/month) — Up to 100 agents, Redis registry, email support, audit logs
Enterprise ($15/month) — Unlimited agents, multi-region registry, dedicated support, compliance dashboard

Volume discounts available for 5+ ACIs. Subscribe now or contact sales.