What does 'kavachOS' mean?

kavachOS is a portmanteau of 'kavach' (Sanskrit for 'armor') and 'OS' (operating system). The name describes the library's role: an operating layer that shields every identity, call, token, and delegation in an application.

How is 'kavach' pronounced?

Ka-vach. In Sanskrit (कवच), it means 'armor': the layered, protective armor warriors wore into battle.

A TypeScript library for authentication and authorization, covering both AI agents and human users. It provides identity, permissions, delegation chains, audit trails, and MCP OAuth 2.1 in a single package. MIT licensed, edge-native.

00/Use cases

Auth shaped around the
work you are shipping.

Every team hitting KavachOS has one of five shapes of problem. Pick the closest to yours. Each page shows the concrete primitives we ship and the audit question they answer.

Join early access Read the docs

01/Pick the shape

Five use cases. One auth primitive underneath.

The primitives are the same. The emphasis shifts. Agents need delegation. MCP servers need OAuth 2.1. SaaS teams need orgs. Enterprises need evidence. Pick the lens that matches today.

Early stage

For AI startups

Ship agent auth in an afternoon

One API key per agent is not a plan. Scoped delegation, audit, and revocation without a platform team.

Protocol

For MCP servers

OAuth 2.1 the spec actually wants

RFC 9728, RFC 8414, RFC 7591, PKCE S256. All of it, edge-native. Point your resource server at the issuer and go.

B2B

For SaaS platforms

Orgs, SSO, SCIM on one flat plan

Organizations are free. SAML, OIDC, and SCIM 2.0 ship on the Growth plan. No per-org fee, no enterprise upsell for a checkbox.

Orchestration

For Multi-agent systems

Delegation chains, provable end to end

Every hop carries a parent, a scope subset, and an audience. The audit tree answers which agent did what.

Compliance

For Enterprise

Evidence for regulators, not slideware

Tamper-evident audit, SAML and SCIM, EU AI Act Article 13 coverage. Self-host in your VPC or use the managed cloud.

02/The common thread

One identity graph, five emphases.

The primitives do not change when the use case changes. Subjects, scopes, delegation, audit. What changes is which corner of the graph you spend time in.

Subjects

Humans, organizations, agents, service accounts. All first-class nodes in the same graph.

Scopes

Capability strings attached to roles, tokens, and delegation chains. Provably subsettable.

Delegation

Every token can mint a scoped child. The chain is verifiable and cascade-revocable.

Audit

Every mutation of the graph is written to a hash-chained, exportable log.

Auth shaped around thework you are shipping.