Interactive Product Demo

Permission control for
AI agents that act in the real world

See how Kynara enforces RBAC + ABAC policies, routes sensitive actions to human approval, and writes every decision to a tamper-evident audit log — in real time.

Decisions evaluated

<8ms

p95 API latency

Approvals pending

Active agents

How it works

Every tool call, checked in milliseconds

Your agent calls Kynara before executing any action. Policies evaluate in priority order — the first match wins. No match means deny.

Decision pipeline

🤖

AI Agent

CRM Assistant

→

🔍

decisions/check

POST /api/v1

→

🛡️

RBAC gate

Role check

→

⚙️

ABAC engine

Condition eval

→

✅

Decision

allow / deny / approve

Interactive Playground

Run a real policy decision

Pick a scenario or build your own request. Watch the decision flow animate and see the audit entry appear.

Subject type

Subject ID

Action

Resource type

IP country

Time (HH:MM)

Live Audit Log

Decisions will appear here...

Human-in-the-loop

Sensitive actions wait for a human

When a policy returns require_approval, the agent pauses. A reviewer sees the full context and decides.

⏳ PENDING REVIEW

payments.refund.issue

AgentBilling Assistant

Actionpayments.refund.issue

Amount$4,200.00

Customercust_8812

PolicyRefunds > $1k require approval

Expiresin 23h 58m

What the agent sees

Python
try:
    kynara.enforce("payments.refund.issue",
        resource={"type": "payment",
                  "id": refund_id,
                  "attrs": {"amount_cents": 420000}})
    issue_refund(refund_id)

except ApprovalRequired as e:
    # Agent pauses here — sends URL to Slack
    slack.post(f"Approval needed: {e.approval_url}")
    # Resumes only after human approves

The agent never proceeds past enforce() until a human resolves the approval. The SDK raises ApprovalRequired — no workaround, no timeout bypass, no way to skip.

Tamper-evident audit

Every decision, hash-chained forever

The audit log is append-only and SHA-256 hash-chained. Modifying any past record breaks the chain — detectable in seconds.

SHA-256 hash chain (last 3 events)

Event #1041

hash: a3f9c2…d84e1b

prev: 9b2e14…f3c77a

→

Event #1042

decision.allow · agent:crm

hash: 7c1d88…2fb04e

prev: a3f9c2…d84e1b

→

Event #1043 ← latest

approval.created · agent:billing

hash: e5a312…90c128

prev: 7c1d88…2fb04e

Full platform

Everything you need, nothing you don't

Kynara handles the full governance lifecycle so your team can focus on building agents, not permission systems.

🛡️

RBAC + ABAC policies

Role-based grants scoped to namespaced actions. Attribute conditions (time, IP, data class, environment) evaluated per request. Priority-ordered, first-match-wins.

🔬

Policy replay

Before deploying a policy change, simulate it against 30 days of real decisions. See exactly what would flip — allow→deny counts — before any live agent is affected.

⚡

Sub-millisecond sidecar

Go sidecar evaluates a JWS Ed25519-signed local policy bundle at <1ms p95. Streams decisions back to the central audit log in 5-second batches.

🔑

JIT break-glass grants

Time-bound permission elevations with justification + ticket URL. Auto-expire. Every grant is recorded in the audit chain. No permanent policy changes required.

📊

Anomaly detection

Z-score deny-rate alerting and geo-jump detection across a 30-day rolling baseline. Automatic agent revocation when guardrail thresholds are crossed.

🔗

Framework integrations

LangChain, LangGraph, AutoGen, CrewAI, OpenAI Assistants, Anthropic tool use, Express.js — one SDK enforces across all of them.

Integration

Drop-in enforcement, any framework

Python — decorator

Python
from kynara_sdk import permission_required

@permission_required(
    "payments.refund.issue",
    resource_arg="refund_id",
    resource_type="payment.refund",
)
def issue_refund(refund_id: str):
    # Only runs if Kynara says allow
    return stripe.refund(refund_id)

TypeScript — guarded wrapper

TypeScript
import { guarded } from "@kynara/sdk";

const issueRefund = guarded({
  client, action: "payments.refund.issue",
  resource: (id, cents) => ({
    type: "payment.refund", id,
    attrs: { amount_cents: cents },
  }),
}, async (id, cents) => {
  return await processRefund(id, cents);
});

Get started free

3 seats · 10,000 decisions/mo · No credit card

Start enforcing permissions in your agent in under 5 minutes. Free plan includes the full policy engine, audit log, approvals, and JIT grants.

Create free account → Read the docs

Permission control forAI agents that act in the real world