VIA Protocol · Runtime authorization

Portable authorization infrastructure
for autonomous systems.

Humanos turns approvals, permissions, enterprise policies, and delegated authority into machine-verifiable runtime authorization systems can verify before execution.

Explore architecture Read API docs

What it is

Humanos is a runtime authorization layer that sits between any acting system — an AI agent, an ERP, a treasury, a trading desk — and the systems it tries to act on.

Before an action executes, the system asks Humanos: “is this allowed, right now, by whom, under what mandate?” Humanos returns a portable, verifiable answer the rest of the stack can trust.

01Start here

Architecture — the full map

See how the runtime, the trust fabric, and the production surface fit together.

Then explore by layer

The runtime

The execution loop — what happens every time a system tries to act.

02Runtime authorizationApprovals, permissions, and delegated authority become reusable runtime authorization.
03Cross-system propagationReusable across systems — identity-agnostic, any human or agent.
04Runtime verificationScope, freshness, identity, revocation — checked before execution.
05Dynamic recoveryMissing authorization is collected or escalated mid-flight.
06Execution receiptsEach verified action emits an independently verifiable receipt.

The trust fabric

The substrate the runtime stands on — identity, policy, and enforcement.

07Policy orchestrationAuthoring, versioning, and distribution of policy.
08Identity layerDIDs, signers, and the chain of human authority.
09Runtime enforcementBlock, allow, or escalate at the moment of action.

In production

Where Humanos runs today — and what teams use it for.

10IntegrationsNative hooks into the systems that already act.
11Real execution environmentsTreasury, healthcare, brokerage, agents in production.

01 · Runtime authorization lifecycle

From human intent to autonomous execution.

Humanos issues runtime authorization, propagates it across systems, verifies actions before execution, recovers missing approval dynamically, and generates independently verifiable proof afterwards.

Use the full runtime stack — or integrate only the layers you need.

RUNTIME LOG

01Approvals normalized into runtime authorization.

02 · Portable Authorization

Portable authorization.

Turn approvals, permissions, policies, contracts, and delegated authority into reusable runtime authorization — verifiable by any system that needs to act on them.

What this unlocks

Sign an approval once; reuse it across every system that needs to act on it.
Add a new acting system without re-issuing or re-signing mandates.
Keep policy and enforcement in lockstep — no drift between what was approved and what runs.
Revoke or amend in one place; every downstream system sees it on the next verify.

API DOCSMandates & Requests

MANDATE · VC v2Signed

transfer.execute

did:hum:mandate/0xA13F·B82C

mandate_id0xA13F·B82C·DD41…

subjectdid:hum:org/treasury-eu

actiontransfer.execute

scopecounterparty.allowlist · region:EU

constraintsamount ≤ €10,000 · per_day ≤ €50,000

delegationcfo → ops → agent.v1

valid_until2026-06-01T23:59:59Z

revocationregistry:via.revoke/0xA13F

signerElena Ruiz · Authority of Record

VERIFIED BY HUMANOS · ANCHORED 2026-04-21T09:14:22Z

PORTABILITYawaiting binding…

The same mandate, verifiable across every system that acts on it.

1×issued by human

∞verifications

0re-approval

03 · Cross-System Propagation

Reusable across systems.

Runtime authorization propagates across APIs, agents, workflows, and external systems — so every participant can verify what actions are actually allowed before execution.

What this unlocks

Identity-agnostic — works with any human or agentic identity, from any provider (Auth0, Okta, Entra, custom IdPs, agent frameworks, DIDs).
Counterparties verify what you were allowed to do without API access into your stack.
One runtime authorization is recognized by every system that speaks VIA — no per-partner integration.
Authorization travels with the actor — across organizations, vendors, and execution surfaces.

API DOCSVIA Protocol

04 · Runtime Verification

Verify before execution.

Every action passes through six deterministic checks before it touches a system of record. No verification, no execution.

What this unlocks

Block disallowed actions before they touch a system of record — not after.
Replace per-app rule code with one deterministic verification call.
Get a signed, sub-second answer in the execution path instead of after-the-fact reconciliation.
Make every “was this allowed?” question answerable from a single source.

API DOCShumanos.verify()

VERIFY · LIVEidle

INCOMING

verify(treasury.transfer)transfer €4,800

mandate · 0xA13F

scopeQUEUED

delegation chainQUEUED

policy constraintsQUEUED

revocation registryQUEUED

mandate freshnessQUEUED

identity & DIDQUEUED

RESULT

authorizedexecution allowed

RESULT PRIMITIVES

authorized

rejected

collect_missing

escalate

RECENT VERIFICATIONSlast 8 events

awaiting traffic…

05 · Dynamic Recovery

Recover authorization dynamically.

Most systems allow or deny. Humanos recovers execution legitimacy in real time — pausing an action, collecting what's missing, resuming where it stopped.

What this unlocks

Keep workflows moving when authority changes hands mid-flight — no silent stalls.
Escalate to a human only when one is actually required — and resume cleanly after.
Eliminate manual “re-issue approval” cycles when scope, signers, or constraints shift.
Turn auth failures into recoverable states instead of dead ends.

API DOCSMandate lifecycle

STEP 01

STEP 02

STEP 03

STEP 04

STEP 05

STEP 06

EXECUTING

transaction in flight

agent.v1 · transfer €52,000

exec.startagent.v1 → transfer.execute
exec.pausereason: scope.amount.exceeded
auth.requestsigner: cfo · channel: secure_link
auth.signedElena Ruiz · 2026-04-21T09:14:22Z
mandate.updateceiling: €50,000 → €60,000
exec.resumeproof.id: 0xPF·77E2 · authorized

06 · Execution Receipts

Portable execution receipts.

Every action emits independently verifiable proof — anchored, signed, and re-verifiable by any party that needs to attest to what happened.

What this unlocks

Hand auditors and counterparties cryptographic proof — not screenshots and log exports.
Make every executed action independently re-verifiable by anyone, forever.
Skip downstream reconciliation between systems that already agree on the proof.
Anchor compliance evidence at the moment of action, not at quarter-end.

API DOCSProofs (PoAI)

PROOF · POAIAnchored

verifiable proof

one verification event · permanent record · re-verifiable forever

authorized_byElena Ruiz · CFO

mandate0xA13F·B82C·DD41

actiontransfer.execute · €4,800

constraintscounterparty.allow · region.EU

delegationcfo → ops → agent.v1

policy_versiontreasury.policy/v2.4

executed_at2026-04-21T09:14:22Z

resultauthorized

proof_id0xPF·77E2·1AC9

VERIFIED BY HUMANOS · ANYONE CAN RE-VERIFY THIS PROOF, FOREVER

EXTERNAL VERIFIERS

Every party that needs to trust an action can verify it independently.

W3CVC v2.0

DIDidentified

∞re-verifiable

07 · Policy Orchestration

Policies become executable infrastructure.

Contracts, approvals, and enterprise rules normalize into runtime authorization semantics — composable, signed, machine-verifiable.

What this unlocks

Move policy out of scattered YAML and code into versioned, signed artifacts.
Author once, distribute to every enforcement point — no per-system rewrites.
Roll back or amend a policy in one place and have it propagate atomically.
Make policy changes auditable as first-class events, not config diffs.

API DOCSPolicy Requests

INPUT · ENTERPRISE LOGIC

Messy, locked in applications

PDF

Treasury Policy v2.4

34 pages · signed Q1

"Approved up to €50k"

CFO · 2026-02-14

TICKET

JIRA-7821 · approval

Finance Ops · closed

POLICY

Counterparty allowlist

spreadsheet · 412 rows

DELEG.

Power of attorney

notarized · paper

HUMANOS · NORMALIZE

OUTPUT · RUNTIME AUTHORIZATION

Composable, executable, verifiable

policy treasury.eu {
subject: did:hum:org/treasury-eu
action: "transfer.execute"
scope: {
counterparty: "allowlist:CTLST-014"
region: "EU"
},
constraints: {
amount: ≤ €10,000
per_day: ≤ €50,000
},
delegation: [cfo → ops → agent.v1]
valid_until: 2026-06-01T23:59:59Z
signed_by: Elena Ruiz · CFO ✓
}

composable

signed

verifiable

08 · Identity Layer

Works with your existing identity systems.

Humanos does not replace identity infrastructure. It standardizes authorization semantics around the identity you already have.

What this unlocks

Keep your existing IdP (Okta, Auth0, Azure AD) — Humanos layers on top, doesn’t replace.
Bind authorization to W3C DIDs without migrating users or rewriting login flows.
Give agents and services first-class verifiable identities, recognized across counterparties.
Map any identity provider into one authorization model your acting systems can trust.

API DOCSDIDs & VCs

09 · Runtime Enforcement

What becomes possible when authorization becomes portable.

What this unlocks

Apply the same authorization rules to humans, agents, and systems uniformly.
Convert manual controls (4-eyes, segregation of duties) into programmatic enforcement.
Build new automated workflows on top of guaranteed authorization — not best-effort.
Run autonomous systems with hard guardrails that travel with every action.

API DOCSEnforcement points

EMERGING · 01

Cross-system runtime verification

every action verifiable at the boundary

EMERGING · 02

Portable delegation across organizations

authority that travels with the actor

EMERGING · 03

External execution legitimacy before settlement

verify what was allowed, before money moves

EMERGING · 04

Runtime enforcement for autonomous systems

agents that cannot act outside their mandate

10 · Integrations

Works with your existing stack.

Humanos complements the systems you already run. The trust layer slots in alongside identity, applications, and external counterparties — without replacing any of them.

What this unlocks

Drop Humanos into existing systems via SDKs, webhooks, and direct API — no replatform.
Sit alongside your identity, applications, and external counterparties — not in front.
Cover first-party systems and third-party APIs with the same verify contract.
Ship the trust layer in days, not migrations.

API DOCSSDKs & API reference

SAPSAP

Salesforce

SNServiceNow

Okta

OAuth 2.1

REST · gRPC

MCPMCP

AI agents

Wallets

DocuSign

11 · Real Execution Environments

Where it runs in production.

Organized by execution environment, not industry. Each setting shares the same primitive: actions that need to verify before they execute.

ENV · 01● LIVE

Autonomous Treasury

Agents move capital within signed mandates. Every transfer carries an independently verifiable proof.

ENV · 02● LIVE

ERP Automation

Purchase orders, payments, and exceptions clear at runtime — verified against policy before they reach the system of record.

ENV · 03● LIVE

Healthcare Operations

Orders, releases, and consent flows execute under signed clinical authority, recoverable mid-action.

ENV · 04● LIVE

Delegated Trading

Strategies operate inside scoped trading authority — every fill emits a proof a counterparty can verify.

ENV · 05● LIVE

Agentic Commerce

Buyer agents transact across merchants with portable spending authority, settled against signed limits.

ENV · 06● LIVE

AI Workflow Execution

Multi-step AI workflows pause, escalate, and resume — never executing beyond the authority granted.

HUMANOS · VIA PROTOCOL

Authorization becomes infrastructure.

Today, authorization is trapped inside applications and workflows. Humanos separates it from systems and turns it into portable runtime infrastructure — reusable across organizations, APIs, agents, and autonomous workflows.

Read the docs

Portable authorization infrastructurefor autonomous systems.

From human intent to autonomous execution.

Portable authorization.

transfer.execute

The same mandate, verifiable across every system that acts on it.

Reusable across systems.

Verify before execution.

Recover authorization dynamically.

transaction in flight

Portable execution receipts.

verifiable proof

Every party that needs to trust an action can verify it independently.

Policies become executable infrastructure.

Messy, locked in applications

Composable, executable, verifiable

Works with your existing identity systems.

What becomes possible when authorization becomes portable.

Cross-system runtime verification

Portable delegation across organizations

External execution legitimacy before settlement

Runtime enforcement for autonomous systems

Works with your existing stack.

Where it runs in production.

Autonomous Treasury

ERP Automation

Healthcare Operations

Delegated Trading

Agentic Commerce

AI Workflow Execution

Authorization becomes infrastructure.

Portable authorization infrastructure
for autonomous systems.