UCAN token operations for capability-based authorisation.
| Name: | ucan |
| Class: | covia.adapter.UCANAdapter |
This adapter provides 2 MCP tool(s) for AI agent integration:
| Tool Name | Description |
|---|---|
| ucan_verify | Verifies a UCAN capability token against this venue's trust policy and explains the verdict — the diagnostic counterpart to enforcement. Reports validity (signature at every chain hop, temporal bounds), the parsed claims, the delegation chain depth and root issuer, and a per-capability root-authority verdict: 'owner' (self-sovereign — the chain root is signed by the resource owner), 'venue' (rooted by this venue), or 'refused'. Optionally checks whether the token would authorise a specific request here. Read-only: no signing, no side effects. |
| ucan_issue | Creates a venue-signed UCAN capability token. The venue is the issuer. The token grants the audience (aud) the specified capabilities (att) until expiry (exp). Present the returned token as a proof on subsequent requests that require the granted capabilities. |