Quick Start

Generate your agent.json

Build a spec-compliant agent.json for your website in under a minute. Everything runs in your browser — your data never leaves this page.

● Client-side only·No tracking·No account required·MIT licensed·View spec source

Step 1

Describe your site

Enter your domain, what your site does, and what auth it uses.

Step 2

Define your actions

Add the API endpoints agents can call — search, create, update, delete.

Step 3

Deploy the file

Download and place at /.well-known/agent.json on your server. Done.

CLI

Or use the CLI

Generate an agent.json from your terminal in seconds:

terminal

npx agent-json init

Validate an existing file:

terminal

npx agent-json validate agent.json

Zero dependencies. Runs instantly via npx.

Claude Code

Native Claude Code support

Add AWP tools to Claude Code by adding this to ~/.claude/mcp.json:

~/.claude/mcp.json

{
  "mcpServers": {
    "awp": {
      "command": "npx",
      "args": ["awp-mcp-server"]
    }
  }
}

Then ask Claude Code: "Generate an agent.json for my API" — it knows the spec natively.

Configure

DomainYour website's domain name

IntentOne sentence: what does your site do?

Auth typeHow do agents authenticate?

ActionsWhat can agents do?

Action 1

Method

Endpoint

Description

Requires authentication

Preview

✗ No actions defined

/.well-known/agent.json

{
  "awp_version": "0.1",
  "domain": "yourdomain.com",
  "intent": "Describe what your site does"
}

Validate at agent-json.org ↗

After you deploy

Where to place the file

Serve it at https://yourdomain.com/.well-known/agent.json with Content-Type: application/json. Most frameworks and hosting providers support the .well-known directory natively.

What happens next

AI agents that support AWP will discover your file automatically via the well-known endpoint. They'll read your declared actions and can begin interacting with your API according to the capabilities you've published.

Security: what agent.json does and doesn't do

agent.json only declares capabilities — it does not grant access. Your existing auth, rate limiting, and access controls still apply. Publishing agent.json does not open any new attack surface. It's a static file, like robots.txt — remove it and agents stop discovering your site.

No lock-in

agent.json is a static JSON file you control. There's no service dependency, no SDK, no vendor. Delete the file and it's as if it was never there. The spec is MIT-licensed and open source.

Or generate it from your codebase

If you use Claude Code, run this prompt in your project root. It will scan your routes, endpoints, and middleware to generate a compliant agent.json automatically.

Claude Code prompt

Analyze this codebase and generate a /.well-known/agent.json
file following the Agent Web Protocol spec (v0.1).

Scan for API routes, endpoints, and handlers. For each action,
determine: id, description, HTTP method, endpoint path, and
whether auth is required.

Output a valid agent.json with awp_version, domain, intent,
and actions array. Place it at the correct well-known path.

Spec reference: https://agentwebprotocol.org/spec