A2B STANDARD CONTRACT

Declare what agents can do in existing business systems.

ACC gives APIs a common way to describe agent-visible operations, acting subjects, risk levels, approval intent, rate limits, sensitive fields, examples, and audit metadata.

ACC controls reach. The business system controls authority.

capability declaration x-agent-capability
Business API Existing System Orders, refunds, staff, inventory
ACC Capability Contract scope, risk, subject, approval
Runtime Agent Control Plane route, govern, audit, trace
x-agent-capability:
  version: 1
  enabled: true
  scope: refund.create
  subject:
    required: true
  risk:
    level: high
  approval:
    required: true

ACC is not a chatbot framework, workflow product, or runtime. It is a portable declaration contract that different gateways, SDKs, control planes, and agent runtimes can implement.

SPECIFICATION

One contract, multiple implementation styles.

ACC keeps capability metadata next to the API contract, while authorization and final business decisions stay inside the business system.

01

Capability Scope

Declare what operation an agent may see and which scenario may use it.

02

Acting Subject

Mark operations that require a real user, employee, tenant, or business actor.

03

Risk and Approval

Expose risk level and human approval intent without replacing business authority.

04

Audit Metadata

Preserve examples, sensitive fields, confirmation rules, and extension metadata.

EXAMPLES

Attach ACC to OpenAPI.

The first ACC binding is the OpenAPI extension field. It is readable by humans, verifiable by tools, and portable across control planes.

openapi.yaml
paths:
  /refunds:
    post:
      x-agent-capability:
        version: 1
        enabled: true
        scope: refund.create
        risk:
          level: high
        approval:
          required: true
          when:
            - field: amount
              op: gt
              value: 1000
        subject:
          required: true

IMPLEMENTATIONS

Implementation-neutral by design.

ACC can be implemented by control planes, API gateways, SDK generators, MCP gateways, policy engines, and audit tools.

BailingHub Reference implementation

The first open-source A2B control plane implementing ACC across routes, tools, approval intent, HMAC-signed calls, traceability, diagnostics, SDKs, and console workflows.