AgentAdmit — Terms of Service

Last updated: May 31, 2026. These terms may be updated over time. Material changes will be communicated before they take effect.

1. Who We Are and What These Terms Cover

AgentAdmit is operated by AgentAdmit LLC ("AgentAdmit," "we," "us," or "our"). These Terms of Service ("Terms") govern your use of the AgentAdmit hosted service, including:

the developer dashboard
API access
token generation and exchange flows
token introspection / verification
SDK-connected hosted-service usage
development and staging usage with test keys
production usage with live keys

By creating an account, accepting these Terms, receiving a test key, using our APIs, validating tokens through our hosted service, or accessing the AgentAdmit dashboard, you agree to these Terms. If you do not agree, do not use the service.

These Terms apply to the hosted service itself. They do not grant any right to copy, self-host, or reproduce AgentAdmit's proprietary hosted infrastructure.

2. Who These Terms Apply To

These Terms apply to two broad categories of users:

2.1 Developers / App Operators

Individuals or organizations integrating AgentAdmit into an application, API, platform, or MCP server.

This includes:

traditional app owners
SaaS operators
MCP server operators
internal platform teams
developers building with AgentAdmit test keys or live keys

2.2 End Users

People who use an AgentAdmit-powered flow to grant an AI agent access to an application.

If you are accepting these Terms on behalf of a company or organization, you represent that you have authority to bind that entity.

3. What AgentAdmit Provides

AgentAdmit is a hosted authorization service for AI agents.

It enables applications and MCP servers to:

issue user-mediated agent connection flows
grant scoped permissions to agents
validate those permissions through AgentAdmit's hosted verification infrastructure
revoke access
log and audit agent authorization activity
meter verification usage for billing and analytics

3.1 Hosted-Service Model

AgentAdmit is a hosted service. Verification and introspection are performed through AgentAdmit's infrastructure.

For the hosted service:

token validation goes through AgentAdmit
mandatory introspection applies to hosted usage
there is no hosted self-validation option
local JWT validation is not an allowed substitute for hosted verification

3.2 Development vs Production

AgentAdmit supports two key environments:

Test keys (aa_test_...) for development, staging, and testing
Live keys (aa_live_...) for paid production use

Test keys are not a separate self-hosted or local mode. They still use the hosted service.

That means development and testing are still subject to:

these Terms
hosted verification behavior
service logging and operational controls

4. Accounts and Access

4.1 Registration

You must provide accurate and current information when creating an account.

4.2 Account Security

You are responsible for protecting your account credentials, API keys, tokens, and secrets.

If you believe your account or credentials have been compromised, you must notify us promptly and rotate or revoke affected credentials.

4.3 Organizational Authority

If you create or use an AgentAdmit account on behalf of a company, you are responsible for ensuring you have authority to do so.

4.4 Eligibility

You must be legally able to enter into these Terms. If you are under the age of majority in your jurisdiction, you may only use the service with appropriate parental or guardian consent, where legally required.

5. Keys, Tokens, and Authorization Responsibilities

5.1 Connection Tokens

Connection Tokens are intended to be delivered to the human user, not directly to the agent.

You may not route a Connection Token directly to:

an agent endpoint
a webhook controlled by the agent
an automated delivery path accessible to the receiving agent

5.2 Access Tokens

Access Tokens represent scoped access approved by a user for an agent.

You are responsible for:

enforcing scope boundaries in your application or tool layer
using AgentAdmit's hosted verification flow as required
ensuring your agent or app does not exceed granted permissions
giving users a way to revoke agent access where required by your product design or applicable law

5.3 No Silent Permission Expansion

You may not silently expand permissions beyond what the user approved. Material scope expansion requires a new user-approved flow.

5.4 Action-Layer Responsibility

AgentAdmit provides authorization infrastructure. You remain responsible for the actions your app, MCP server, or agent enables after authorization.

That includes:

downstream business logic
action safeguards
user disclosures
product-specific compliance obligations

6. Mandatory Introspection and No-Bypass Rules

Mandatory introspection is a core requirement of the AgentAdmit hosted service.

6.1 Hosted Verification Requirement

For the hosted service, token validation must go through AgentAdmit's verification / introspection infrastructure.

This requirement applies to:

live keys
test keys
development usage
staging usage
MCP operator integrations
standard app-owner integrations

6.2 No Bypass

You may not bypass hosted verification through methods such as:

local JWT validation in place of hosted verification
routing agent traffic around AgentAdmit verification infrastructure
disabling required verification logic while continuing to represent your integration as AgentAdmit-hosted
caching verification results beyond a reasonable short-lived operational window in ways that defeat revocation or usage metering

6.3 Enforcement

Bypassing mandatory introspection is a material violation of these Terms and may result in:

suspension
revocation of service access
invalidation of token verification for your account
other protective or remedial actions

7. Testing, Development, and Go-Live

7.1 Development and Testing Access

AgentAdmit may make test keys available for development, staging, integration work, and end-to-end testing before production activation.

This means:

initial development may begin before paid production activation
test keys may be used for integration work, staging validation, and end-to-end testing
test keys still use the hosted service

7.2 No Production Substitute

Test-key access is not a substitute for production deployment.

You may not use test keys in place of the applicable production activation requirements.

7.3 AgentAdmit Flexibility on Testing Usage

AgentAdmit reserves the right to set, change, or enforce limits, quotas, metering, eligibility rules, pricing, availability rules, or other conditions on test-key usage and development access.

7.4 Go-Live and Production Activation

Test keys are for development and testing. Live keys are generated in the AgentAdmit dashboard only after the app owner pays for a subscription.

Production use also requires compliance with these Terms and any applicable billing obligations.

AgentAdmit may restrict or deny live-key issuance or production activation if those conditions are not met.

8. Pricing, Billing, and Metering

8.1 Current Pricing Model

AgentAdmit's hosted-service pricing model is:

Starter: $50/month (250K API calls included, $0.30/1K overage)
Builder: $100/month (500K API calls included, $0.25/1K overage)
Pro: $200/month (1M API calls included, $0.20/1K overage)
Enterprise: Custom volume, custom pricing — contact us
Overages: billed according to the then-current pricing model

Public pricing and product details may be updated from time to time.

8.2 Metered Usage

Verification / introspection calls may be metered for billing, operational analytics, abuse prevention, service planning, or other legitimate business purposes.

8.3 Testing vs Billing

Test-key usage may be treated differently from live-key usage for billing purposes, but test-key traffic may still be logged, measured, rate-limited, and analyzed operationally.

8.4 Payment Obligations

If you subscribe to a paid plan, you agree to pay applicable fees, taxes, overages, and other amounts due under your plan.

8.5 Subscription Cancellation and Refunds

Users may cancel subscriptions at any time. Cancellation takes effect at the end of the current billing period. Access continues until the period ends.
No prorated refunds are issued for partial billing periods.
Automatic renewal: Subscriptions renew automatically at the end of each billing period unless canceled before the renewal date. You will be notified of upcoming renewals.
Cancellation method: You may cancel your subscription through the same interface used to subscribe, with no more steps than the original sign-up process.

8.8 Suspension for Non-Payment

If your account becomes delinquent or is suspended for non-payment, AgentAdmit may stop validating tokens associated with your account.

This may cause agents to lose access to your app, API, or MCP server until service is restored.

This is a core feature of the hosted-service enforcement model, not a bug.

9. Acceptable Use

You may use AgentAdmit to:

build and test AI-agent authorization flows
grant scoped, revocable agent access with user involvement
operate app-owner and MCP-server authorization flows
monitor and audit agent authorization usage
test staged or development integrations before launch

You must use the service lawfully, honestly, and in a way that does not undermine user control, scope integrity, or service security.

10. Prohibited Uses

You may not:

10.1 Bypass User Approval

Use AgentAdmit to grant agent access users did not actually approve.

10.2 Deliver Connection Tokens Directly to Agents

Direct automated delivery of Connection Tokens to agents or agent-controlled channels is prohibited.

10.3 Misrepresent Permissions

You may not misdescribe scopes, hide material scope effects, or use deceptive permission UX.

10.4 Exceed Granted Scope

Agents and applications may not intentionally operate beyond granted permissions.

10.5 Bypass Mandatory Introspection

Local verification, hosted-service bypass, or other circumvention of required introspection is prohibited.

10.6 Abuse the Platform

You may not:

evade limits or billing
create duplicate accounts to evade restrictions
interfere with platform operations
use the service for fraud, harassment, illegal access, or other unlawful conduct

10.7 Use High-Risk Autonomy Without Appropriate Safeguards

If your integration enables high-risk actions, you are responsible for implementing appropriate controls.

11. Logs, Telemetry, and Introspection Data

11.1 What We May Log

For hosted-service operation, AgentAdmit may log and process metadata such as:

app identifier
environment / key type
anonymized or pseudonymous user identifier
scope used or requested
endpoint or tool called
timestamps
agent-related connection metadata
request-level operational metadata necessary for billing, analytics, abuse prevention, debugging, or service integrity

11.2 Purpose of Logging

We may use this data to:

operate the service
meter usage
bill for hosted-service consumption
improve performance and reliability
investigate abuse or incidents
support revocation and auditability
develop analytics and future service features consistent with our policies and applicable law

11.3 Privacy and Future Products or Features

Any future products, features, or services that use data collected through the hosted service will be subject to the then-current Privacy Policy, applicable law, user controls, and any additional user-facing disclosures or consents required at that time.

12. Customer Responsibilities

You are responsible for:

obtaining any legally required consent from your own users
maintaining your own privacy policy and product disclosures
accurately describing what your app or MCP server does
handling your own downstream application logic, data access, and user experience
securing any credentials or secrets in your systems
implementing rate limiting and access controls on your own API endpoints and MCP server tools to protect your infrastructure from excessive agent usage
complying with applicable law in your industry and jurisdiction

AgentAdmit provides authorization infrastructure that determines whether an agent is authorized and what scopes it has. You remain responsible for your product, your agent behavior, your endpoint protection, and your regulated obligations. AgentAdmit does not control or limit how frequently authorized agents call your endpoints.

13. Suspension, Termination, and Service Effects

13.1 Suspension Rights

We may suspend or restrict access if reasonably necessary to:

address non-payment
stop abuse
protect the service
respond to legal or security risk
enforce these Terms

13.2 Termination

We may terminate accounts that materially violate these Terms.

You may stop using the service at any time, subject to any surviving payment or contractual obligations.

13.3 Effect on Token Validation

If your account is suspended or terminated, AgentAdmit may stop validating tokens associated with your integration.

This may immediately disrupt agent access.

13.4 Survival

Sections that reasonably should survive termination will survive, including payment obligations, liability limitations, indemnity, IP provisions, and dispute-related provisions.

14. Intellectual Property

The AgentAdmit hosted service, dashboard, APIs, branding, documentation beyond any separately licensed materials, and related operational systems are proprietary unless explicitly stated otherwise.

These Terms do not grant you ownership of the hosted service or any right to reproduce, resell, copy, reverse engineer, or self-host the proprietary service except to the extent such restriction is prohibited by law.

Patent and trademark notices may apply to portions of the system and branding.

15. Disclaimers

The service is provided on an "as is" and "as available" basis, except to the extent otherwise expressly agreed in writing.

We do not guarantee uninterrupted service, perfect accuracy, or fitness for every use case.

16. Limitation of Liability

16.1 Disclaimer of Indirect Damages

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, NEITHER AGENTADMIT NOR ITS AFFILIATES, OFFICERS, EMPLOYEES, AGENTS, OR CONTRACTORS SHALL BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, OR ANY LOSS OF PROFITS, REVENUE, DATA, BUSINESS OPPORTUNITIES, OR GOODWILL, ARISING OUT OF OR RELATED TO THESE TERMS OR YOUR USE OF (OR INABILITY TO USE) THE SERVICE, REGARDLESS OF THE THEORY OF LIABILITY (INCLUDING CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY, OR OTHERWISE), EVEN IF AGENTADMIT HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

16.2 Cap on Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, AGENTADMIT'S TOTAL AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THESE TERMS OR THE SERVICE SHALL NOT EXCEED THE GREATER OF: (A) THE TOTAL AMOUNTS YOU PAID TO AGENTADMIT DURING THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM, OR (B) FIVE HUNDRED DOLLARS (USD $500).

16.3 Basis of the Bargain

THE LIMITATIONS IN THIS SECTION 16 REFLECT THE ALLOCATION OF RISK BETWEEN THE PARTIES AND ARE AN ESSENTIAL ELEMENT OF THE BASIS OF THE BARGAIN BETWEEN THE PARTIES. THE SERVICE WOULD NOT BE PROVIDED WITHOUT THESE LIMITATIONS.

16.4 Exceptions

Nothing in this section excludes or limits liability to the extent that such exclusion or limitation is not permitted under applicable law, including liability for fraud or fraudulent misrepresentation.

17. Indemnification

17.1 Your Indemnification Obligations

You agree to defend, indemnify, and hold harmless AgentAdmit LLC and its affiliates, officers, employees, agents, and contractors (each, an "Indemnified Party") from and against any and all claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys' fees) arising out of or related to:

your use of the Service
your violation of these Terms
your application's or MCP server's behavior, including any actions taken by agents authorized through your integration
your violation of applicable law or any third-party rights
any dispute between you and your users, customers, or any third party
your failure to comply with your own privacy, security, or regulatory obligations

17.2 Indemnification Process

AgentAdmit will promptly notify you of any claim subject to indemnification (provided that failure to notify will not relieve your obligations except to the extent you are materially prejudiced). You will have the right to control the defense of any such claim, provided that AgentAdmit may participate in the defense with its own counsel at its own expense. You may not settle any claim without AgentAdmit's prior written consent if the settlement would impose any obligation on AgentAdmit or admit fault on AgentAdmit's behalf.

18. Governing Law and Disputes

18.1 Governing Law

These Terms and any dispute arising out of or related to these Terms or the Service shall be governed by and construed in accordance with the laws of the State of California, without regard to its conflict of laws provisions.

18.2 Venue

Any legal action or proceeding arising out of or related to these Terms shall be brought exclusively in the state or federal courts located in Orange County, California, and you consent to the personal jurisdiction of such courts.

18.3 Informal Resolution

Before filing any claim, you agree to try to resolve the dispute informally by contacting us at legal@agentadmit.com. We will try to resolve the dispute informally by contacting you via email. If a dispute is not resolved within thirty (30) days of submission, either party may proceed to formal resolution.

18.4 Class Action Waiver

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, YOU AND AGENTADMIT AGREE THAT EACH PARTY MAY BRING CLAIMS AGAINST THE OTHER ONLY IN YOUR OR ITS INDIVIDUAL CAPACITY AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS, CONSOLIDATED, OR REPRESENTATIVE ACTION.

18.5 Limitation on Time to File Claims

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, ANY CAUSE OF ACTION OR CLAIM YOU MAY HAVE ARISING OUT OF OR RELATING TO THESE TERMS OR THE SERVICE MUST BE COMMENCED WITHIN ONE (1) YEAR AFTER THE CAUSE OF ACTION ACCRUES. OTHERWISE, SUCH CAUSE OF ACTION OR CLAIM IS PERMANENTLY BARRED.

19. Contact Information

AgentAdmit LLC