Revocable Capability Token Policy Template
Generate scoped, expiring, revocable token policy for AI agents, sub-agents, MCP tools, request budgets, delegation, kill switches, and audit trails.
Configure the token policy
YAML token policy
capability_token_policy: acme-prod-ship-agent-workflow
mode: enforce
issuer: satgate-economic-firewall
subject: agent:coding-assistant
audience: repo-and-model-tools
tenant_id: acme-prod
task_id: ship-agent-workflow
risk_tier: medium
validity:
  ttl_minutes: 240
  not_before: now
  expires_at: now + 240m
scopes:
  - model:responses:write
  - mcp:repo_search:read
  - mcp:pull_request:write
budgets:
  token_lifetime_usd: 25
  per_request_usd: 0.5
  on_exhausted: revoke_and_block
delegation:
  allowed: true
  child_budget_pct: 20
  child_ttl_minutes: 60
  child_scopes_must_be_subset: true
revocation:
  revoke_on_budget_exhausted: true
  revoke_on_loop_detected: true
  revoke_on_policy_violation: true
  revoke_on_parent_revoked: true
  kill_switch: tenant:acme-prod:agents
audit:
  required_fields:
    - token_id
    - parent_token_id
    - tenant_id
    - agent_id
    - task_id
    - scope
    - estimated_cost_usd
    - remaining_budget_usd
    - revocation_state
    - policy_decision

JSON token policy
{
  "capability_token_policy": "acme-prod-ship-agent-workflow",
  "mode": "enforce",
  "issuer": "satgate-economic-firewall",
  "subject": "agent:coding-assistant",
  "audience": "repo-and-model-tools",
  "tenant_id": "acme-prod",
  "task_id": "ship-agent-workflow",
  "risk_tier": "medium",
  "validity": {
    "ttl_minutes": 240,
    "not_before": "now",
    "expires_at": "now + 240m"
  },
  "scopes": [
    "model:responses:write",
    "mcp:repo_search:read",
    "mcp:pull_request:write"
  ],
  "budgets": {
    "token_lifetime_usd": 25,
    "per_request_usd": 0.5,
    "on_exhausted": "revoke_and_block"
  },
  "delegation": {
    "allowed": true,
    "child_budget_pct": 20,
    "child_ttl_minutes": 60,
    "child_scopes_must_be_subset": true
  },
  "revocation": {
    "revoke_on_budget_exhausted": true,
    "revoke_on_loop_detected": true,
    "revoke_on_policy_violation": true,
    "revoke_on_parent_revoked": true,
    "kill_switch": "tenant:acme-prod:agents"
  },
  "audit": {
    "required_fields": [
      "token_id",
      "parent_token_id",
      "tenant_id",
      "agent_id",
      "task_id",
      "scope",
      "estimated_cost_usd",
      "remaining_budget_usd",
      "revocation_state",
      "policy_decision"
    ]
  }
}

Capability-token policy checklist
Agent tokens need economic constraints, not just authentication. These fields make authority governable before spend is created.
Scope
Bind authority to tenant, agent, task, audience, route, and MCP tool permissions.
Expiry
Use short token lifetimes and shorter child-token TTLs for delegated sub-agents.
Revocation
Revoke on budget exhaustion, loops, parent revocation, policy violation, or kill switch.
Delegation
Require child capabilities to be strict subsets with attenuated budgets and scopes.
Audit
Log token id, parent id, cost, remaining budget, scope, revocation state, and decision.
Economic control
Pair identity with budgets so authentication and spend governance happen together.
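How the delegation, revocation and budget fields of the template could be enforced together, as an added example that is not SatGate's code or token format. The Token record, the function names and the decision strings are hypothetical, and it assumes child_budget_pct applies to the parent's remaining budget and is carved out of it.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

# Limits copied from the policy template above.
PER_REQUEST_USD, CHILD_BUDGET_PCT, CHILD_TTL_MIN = 0.5, 20, 60

@dataclass
class Token:  # hypothetical in-memory record, not SatGate's token format
    token_id: str
    scopes: frozenset
    remaining_usd: float
    expires_at: datetime
    parent: Optional["Token"] = None
    revoked: bool = False

def is_live(tok, now):
    # revoke_on_parent_revoked: a revoked or expired ancestor invalidates the child.
    while tok is not None:
        if tok.revoked or now >= tok.expires_at:
            return False
        tok = tok.parent
    return True

def delegate(parent, child_id, scopes, now):
    if not is_live(parent, now):
        raise PermissionError("parent token is not live")
    if not frozenset(scopes) <= parent.scopes:  # child_scopes_must_be_subset
        raise PermissionError("child scopes exceed parent scopes")
    # Assumption: child_budget_pct is taken from the parent's remaining budget
    # and deducted from it, so total spend across the tree stays capped.
    budget = round(parent.remaining_usd * CHILD_BUDGET_PCT / 100, 2)
    parent.remaining_usd -= budget
    # The child never outlives its parent, even with a fresh child TTL.
    expiry = min(parent.expires_at, now + timedelta(minutes=CHILD_TTL_MIN))
    return Token(child_id, frozenset(scopes), budget, expiry, parent)

def authorize(tok, scope, est_cost_usd, now):
    if not is_live(tok, now):
        return "deny:revoked_or_expired"
    if scope not in tok.scopes:
        tok.revoked = True  # revoke_on_policy_violation
        return "deny:scope_violation"
    if est_cost_usd > PER_REQUEST_USD:
        return "deny:per_request_cap"
    if est_cost_usd > tok.remaining_usd:
        tok.revoked = True  # on_exhausted: revoke_and_block
        return "deny:budget_exhausted"
    tok.remaining_usd -= est_cost_usd
    return "allow"
```

The check order matters: liveness is evaluated over the whole parent chain before scope or budget, so revoking the root token blocks every delegated child on its next request.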
Turn agent authority into an enforceable budget.
SatGate checks capability scope, budget, revocation, delegation, audit, and Charge/L402 payment policy in the request path before agents reach upstream APIs or MCP tools.