AXIRU
Sign in
Agent onboarding

One POST. One human click. A governed Axiru tenant.

External agents discover Axiru via /.well-known/agent.json, call /api/agent/onboard once, and hand the human a single magic link. Workspaces start in shadow mode — the engine evaluates and logs every decision but never blocks until the human flips enforcement on.

Read agent.json →See coverage matrix →
Discoverable

agent.json — the canonical machine-readable description.

Served at /.well-known/agent.json with a co-published legacy /.well-known/ai-plugin.json. The block below is rendered from the same builder that powers the well-known route, so the doc you copy and the doc an agent fetches can never drift.

GET /.well-known/agent.json
{
  "schema_version": "agent.json/1.0",
  "service": "axiru",
  "name": "Axiru",
  "description_for_model": "Use the Axiru MCP server to list pending approvals, approve or reject them, inspect the audit ledger, and fetch workspace setup state. Suitable for building agentic finance assistants that need pre-execution policy enforcement on Stripe transactions.",
  "description_for_human": "Financial decision control layer for Stripe — intercept refunds, credits, and adjustments before money moves.",
  "contact_email": "support@axiru.com",
  "legal_info_url": "https://axiru.com/privacy",
  "documentation_url": "https://axiru.com/docs/api",
  "logo_url": "https://axiru.com/logo.svg",
  "base_url": "https://axiru.com",
  "endpoints": {
    "mcp": {
      "url": "https://axiru.com/api/mcp",
      "protocol_version": "2025-03-26",
      "transport": "streamable-http"
    },
    "onboard": {
      "url": "https://axiru.com/api/agent/onboard",
      "method": "POST"
    }
  },
  "auth": {
    "type": "bearer",
    "tokenPrefix": "ak_"
  },
  "starter_intents": [
    {
      "id": "refund_governance",
      "description": "Set up refund governance for a SaaS company."
    },
    {
      "id": "chargeback_review",
      "description": "Stand up chargeback review with shadow mode enabled."
    },
    {
      "id": "audit_only",
      "description": "Read-only audit assistant for an existing Stripe history with no enforcement."
    }
  ],
  "merger_status": "in_progress",
  "siblings": [
    "ifivo"
  ]
}

The MCP endpoint advertises protocol_version 2025-03-26 over the streamable-http transport. Auth is bearer with the ak_ prefix; the legacy ai-plugin.json maps the same auth model down to the user_http / bearer pair for older clients.

Starter intents

Pick the intent. The orchestrator does the rest.

Each intent installs a different starter policy pack. Repeated calls with the same idempotency key return the same tenant, so an agent loop never forks workspaces.

Axiru
Refund governance
intent: "refund_governance"

Spin up refund control with shadow mode on. Stripe refund tool calls evaluate against three starter policies (amount caps, customer segment, suspected-fraud signal) before money moves.

Axiru
Chargeback review
intent: "chargeback_review"

Stand up dispute-evidence routing in shadow mode. Decisions are logged to the ledger; nothing is submitted automatically until enforcement is turned on.

Axiru
Subscription pause / cancel review
intent: "subscription_pause_review"

Pre-execution review for subscription pause, cancel, and proration tool calls. Currently plumbing only — routes through the policy engine; native dashboard surface is on the roadmap.

Folded from iFivo
Payment-action governance
intent: "payment_action_governance"

General-purpose payment-tool intercept for any rail registered through @axiru/agt-extension. Same engine, same ledger, same policy templates.

Read-only
Audit-only assistant
intent: "audit_only"

No enforcement, no policy install. Just a ledger reader so an external agent can answer questions about historical Stripe activity through MCP.

Single call

POST /api/agent/onboard — request and response.

Unauthenticated by design — the endpoint mints shadow-mode-only tenants. Rate-limited to 10 requests per 60 seconds per identifier so a runaway agent loop cannot fork workspaces.

curl
curl -X POST https://www.axiru.com/api/agent/onboard \
  -H 'content-type: application/json' \
  -d '{"intent":"refund_governance","contact_email":"ops@example.com","company_name":"Example Inc.","agent_id":"claude-3.7-sonnet","vertical":"saas","idempotency_key":"<= 16-char stable key generated by the agent"}'
JavaScript / TypeScript
const res = await fetch("https://www.axiru.com/api/agent/onboard", {
  method: "POST",
  headers: { "content-type": "application/json" },
  body: JSON.stringify({
    "intent": "refund_governance",
    "contact_email": "ops@example.com",
    "company_name": "Example Inc.",
    "agent_id": "claude-3.7-sonnet",
    "vertical": "saas",
    "idempotency_key": "<= 16-char stable key generated by the agent"
  }),
});
const { tenant_id, api_key, magic_link, human_summary } = await res.json();
200 OK response
{
  "tenant_id": "ws_2c8a...",
  "api_key": "ak_live_...",
  "mcp_endpoint": "https://www.axiru.com/api/mcp",
  "starter_policies": [
    {
      "id": "recommended-default",
      "slug": "conservative-smb",
      "name": "Conservative starter (auto-allow <$100, escalate above)"
    },
    {
      "id": "intent-refund_governance",
      "slug": "intent-refund_governance",
      "name": "Intent template · refund governance"
    }
  ],
  "simulation_url": "https://www.axiru.com/preview/replay?ws=ws_2c8a...",
  "magic_link": "https://www.axiru.com/auth/magic?token=...",
  "human_summary": "I created a shadow-mode workspace for Example Inc. Click this once to finish setup."
}

The api_key is returned exactly once. Hand the magic_link straight to the human; the rest goes to the agent loop. human_summary is a one-liner the agent can relay verbatim so the user sees consistent language across providers.

Deterministic orchestrator

Four steps, every time, in the same order.

The orchestrator lives in @intentledger/agent-core/onboarding. Each step is idempotent and side-effect-injected through an OnboardingHost so Axiru and any sibling service can reuse the engine.

01 · workspace

Mint a shadow-mode-only tenant keyed off the contact email + agent id + idempotency key. Repeated calls with the same idempotency key return the same tenant.

returns: tenant_id
02 · api_key

Mint a tenant-scoped API key prefixed `ak_`. Stored as a SHA-256 hash; the plaintext is returned exactly once in this response.

returns: api_key (use immediately on /api/mcp)
03 · starter_policies

Install starter policies for the chosen intent. All start in shadow mode; the engine evaluates and logs decisions but does not block tool calls until enforcement is flipped.

returns: policy_ids[]
04 · magic_link

Sign a single-use magic link the human clicks to claim the workspace, complete Stripe Connect, and graduate from shadow mode to enforced.

returns: magic_link (one click, one human)
Safety

Shadow mode is the default. Always.

Every workspace minted through /api/agent/onboard starts with policies installed in shadow mode. The engine evaluates every decision and writes to the ledger — but tool calls are not blocked and money does not move until the human clicks the magic link, completes Stripe Connect, and explicitly flips enforcement.

  • No silent enforcement. Shadow mode is on for every starter intent, no exceptions.
  • No bearer key without a human. The api_key is tenant-scoped and the magic link is the gate to graduate to a real money-moving workspace.
  • Idempotent by design. Same idempotency key in, same tenant out — agent loops cannot multiply workspaces.
  • Rate-limited fail-closed. The endpoint declines when Redis is unavailable; it never silently skips the limit.
Wire it through Microsoft AGT →See the AI-agents brief →
Next step

Discoverable. Idempotent. Safe by default.

Three properties every external-agent integration should have. Axiru ships them on day one.

Start in shadow mode first. Move to live enforcement later.

Read agent.json →Book a demo →

We use cookies for product analytics and marketing measurement. Nothing non-essential runs until you choose.

Privacy policy