Cloud launching May 2026. The library is MIT and shipping today.
kavachOS

00/Use case · Enterprise

Enterprise auth that answers the questions regulators actually ask.

SAML and OIDC SSO, SCIM 2.0 provisioning, tamper-evident audit, per-agent action logs. EU AI Act Article 13 transparency, SOC 2 CC6.1 least privilege, ISO 27001 A.9.4 access control. Map the controls to the product, not the other way around.

01/TL;DR

Three things that matter.

01

Compliance evidence as a side effect

Audit logs, access reviews, and provisioning records generate themselves. Your compliance team queries them. No parallel system of record.

02

Agent actions covered the same way human actions are

Every autonomous action carries a parent user, a scope, and an outcome. The evidence regulators want for AI systems is the evidence you already have.

03

Self-host or use managed cloud

Deploy into your VPC, your Cloudflare account, or your on-prem Kubernetes. Data residency, key custody, and break-glass operations are configurable.

02/The problem

Two audit systems, and neither one answers the hard question.

Enterprise teams end up running two audit pipelines. One from the auth vendor. One from whatever agent framework the product team shipped. When the AI oversight board asks 'which autonomous system touched the payroll file on March 19th at 14:22', neither log has the answer on its own.

Vendor audit covers humans only

Auth0 and Okta log human logins and admin changes. When an agent invokes a tool, the audit line says 'service account'.

Framework audit is ad hoc

LangChain, CrewAI, and custom orchestrators log to stdout or a custom table. No tamper evidence, no retention policy, no SIEM integration by default.

EU AI Act Article 13 is hard to answer with either

The statute asks for transparency on autonomous system decisions. Answering requires joining human audit with agent audit, and the join key usually does not exist.

Procurement blocked on SOC 2 timeline

Enterprise buyers want SOC 2 Type II, ISO 27001, and a tamper-evident audit log before they sign. Delay on any of those is a deal delay.

03/How kavachOS fits

One identity graph, humans and agents together.

KavachOS treats humans, agents, and service accounts as subjects in a single graph. Delegation connects them. Audit covers the whole graph with the same evidence format. Compliance controls map to primitives, not to a parallel reporting layer.

01

Audit

Tamper-evident log for every auth event

Hash-chained audit entries covering sign-in, SSO federation, SCIM provisioning, role change, delegation, token issuance, and revocation. Exportable as signed CSV, streamable to S3 or a SIEM.
Primitive 01
02

Identity

Agent actions share the human audit format

When an agent calls a tool, the audit row names the parent user, the chain of delegations, the scope, and the outcome. One query answers both the SOC 2 access-review question and the EU AI Act transparency question.
Primitive 02
03

SSO

SAML, OIDC, SCIM 2.0 at enterprise scale

Per-organization SSO configuration, just-in-time provisioning, group-to-role mapping. Validated against Okta, Azure AD, Google Workspace, OneLogin, JumpCloud.
Primitive 03
04

Residency

Data residency and key custody you control

Deploy into your AWS, GCP, Azure, or Cloudflare account. Keys live in your KMS. The managed cloud offers EU and US regions with data pinned to region.
Primitive 04
05

Controls

Control catalog mapped to SOC 2, ISO 27001, EU AI Act

Every compliance control maps to a concrete KavachOS feature and an audit query. Your auditor gets the evidence bundle, not a promise.
Primitive 05

04/In code

The minimum you need to write.

Full examples with framework adapters live in the docs. This is the shape of what you wire into your app.

audit-query.ts

Pull every autonomous action that touched a specific resource during an audit window. One query, joined across human and agent subjects.

```typescript
import { kavachos } from "kavachos";

const events = await kavachos.audit.query({
  resource: "payroll:march-2026",
  from: "2026-03-19T00:00:00Z",
  to: "2026-03-19T23:59:59Z",
  subjectType: ["human", "agent"],
  include: ["parentChain", "scope", "outcome"]
});

// Each event carries subject, parentChain, scope, resource,
// outcome, signedHash. Export for your auditor or stream to Splunk.
for (const e of events) {
  console.log(e.timestamp, e.subject.id, e.parentChain, e.outcome);
}
```

  • SOC 2: Type I at launch, Type II in flight
  • ISO 27001: controls mapped and evidenced
  • EU AI Act: Article 13 coverage native
  • Hash-chained: tamper-evident audit log

05/Before / after

The difference shows up in the audit log.

Without scoped identity

  • Vendor audit covers humans only
  • Framework audit is ad hoc
  • EU AI Act Article 13 is hard to answer with either

With kavachOS

  • Tamper-evident log for every auth event
  • Agent actions share the human audit format
  • SAML, OIDC, SCIM 2.0 at enterprise scale

"Our regulator asked for the autonomous-action audit for a one-hour window across three services. In the old stack that was a week of ad hoc SQL. With KavachOS it was a ten-minute query."

CISO · Regulated fintech

06/FAQ

What teams building for enterprise compliance usually ask.

Short answers. Link out to the docs if you want the long version.

Does KavachOS have SOC 2 Type II today?
We are SOC 2 Type I at launch and targeting Type II within twelve months. If your procurement requires Type II today, we can offer a bridge letter, a mutual NDA penetration test review, and a named security contact for your auditor. Talk to sales.
How does the EU AI Act Article 13 coverage work?
Article 13 requires transparency on autonomous system decisions affecting users. KavachOS logs every agent action with the parent user, the scope, the resource, and the outcome. The resulting audit satisfies the transparency requirement without rebuilding your agent framework.
Can we self-host in our own cloud account?
Yes. The kavachos library and the authorization server both deploy into AWS, GCP, Azure, Cloudflare, or on-prem Kubernetes. Keys live in your KMS. The managed control plane can remain with us for updates, or we can ship a fully air-gapped distribution. Enterprise plan.
What about data residency in the EU?
Managed cloud has EU and US regions. Data written in an EU tenant stays in EU. The dashboard, audit log, and OAuth endpoints all run in region. Cross-region replication is opt-in and off by default for EU tenants.
Do you provide a DPA and subprocessor list?
Yes. A standard DPA with GDPR Article 28 clauses, a current subprocessor list with data-flow diagrams, and a TIA for US subprocessors are available on request. Our legal page links all three documents.
How is the audit log tamper-evident?
Every audit entry is hash-chained to the previous entry. The chain root is anchored to a Merkle tree that we publish weekly. An auditor can verify the chain with a public verifier tool, which means the log is provably append-only even with full database access.
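As an added illustration of the hash chaining described in this answer and of the agent audit row described under Primitive 02 (example code written for this page, not the kavachos library's own implementation): each row commits to the digest of the row before it, and a verifier walks the chain to report the first row that no longer checks out. The row fields follow the audit shape described above; the SHA-256 canonical encoding, the all-zero genesis value and the sample entries are this example's own assumptions.

```typescript
import { createHash } from "node:crypto";
// One audit row. Field names follow the page's description (subject, parentChain,
// scope, resource, outcome); the two hash fields are this example's own assumption.
type AuditEntry = {
  timestamp: string; subject: { id: string; type: "human" | "agent" | "service" };
  parentChain: string[]; scope: string; resource: string; outcome: "allow" | "deny";
  prevHash: string; hash: string;
};
type EntryInput = Omit<AuditEntry, "prevHash" | "hash">;
const GENESIS = "0".repeat(64); // assumed chain root for the very first entry

// Canonical serialisation with a fixed field order so every verifier gets the same digest.
function entryDigest(e: EntryInput, prevHash: string): string {
  const canonical = JSON.stringify([e.timestamp, e.subject.type, e.subject.id,
    e.parentChain, e.scope, e.resource, e.outcome, prevHash]);
  return createHash("sha256").update(canonical).digest("hex");
}

// Append-only write: each row commits to the hash of the row before it.
export function appendEntry(log: AuditEntry[], input: EntryInput): AuditEntry[] {
  const prevHash = log.length ? log[log.length - 1].hash : GENESIS;
  return [...log, { ...input, prevHash, hash: entryDigest(input, prevHash) }];
}

// Verifier: index of the first row whose link or digest does not check out, or -1 if intact.
export function firstBrokenLink(log: AuditEntry[]): number {
  let prev = GENESIS;
  for (let i = 0; i < log.length; i++) {
    if (log[i].prevHash !== prev || log[i].hash !== entryDigest(log[i], prev)) return i;
    prev = log[i].hash;
  }
  return -1;
}

// Constructed sample: a human signs in, then an agent delegated by that user reads payroll.
export function sampleLog(): AuditEntry[] {
  let log: AuditEntry[] = [];
  log = appendEntry(log, { timestamp: "2026-03-19T14:20:00Z", subject: { id: "u_ana", type: "human" },
    parentChain: [], scope: "sso:sign-in", resource: "org:acme", outcome: "allow" });
  return appendEntry(log, { timestamp: "2026-03-19T14:22:00Z", subject: { id: "agent_payroll", type: "agent" },
    parentChain: ["u_ana"], scope: "payroll:read", resource: "payroll:march-2026", outcome: "allow" });
}

// Someone with database access rewrites an outcome after the fact; the chain breaks at that row.
export function tamperedLog(): AuditEntry[] {
  const log = sampleLog().map((e) => ({ ...e }));
  log[1].outcome = "deny";
  return log;
}
```

The chain alone does not reveal deletion of the most recent rows; comparing the latest hash against the weekly published root described above is what closes that gap.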

Evidence first, not slideware.

Bring your control catalog. We map the features, show the queries, and provide the evidence bundle your auditor actually wants.