Whisper Agent Identity (Independent Publisher)#4225
Conversation
Add the Whisper Agent Identity independent publisher connector: a public, keyless connector to verify an AI agent's Whisper IPv6 /128 identity, look up its RDAP record, read its tamper-evident identity transparency log, and see who has been resolving its name. Anonymous authentication (no account or API key).
…ne (two-tier) Rebuild the connector as two-tier per Postel's law. Keep the four public, keyless identity operations (verify, RDAP, transparency, inbound lookups) on rdap.whisper.online, and add five control operations (register, list, set policy, logs, revoke) routed to the Whisper control plane. The API key is an optional connection parameter (securestring, required:false). It is injected as the X-API-Key header only on the control operations via a setheader policy; those operations are sent to the control host/path with dynamichosturl + routerequesttoendpoint. One connection covers both tiers: leave the key blank and the keyless operations work; provide it and the control plane unlocks. Same no-auth + connection-parameter + policy pattern already used in this repo (e.g. ExchangeRate). Swagger validated as OpenAPI 2.0.
|
@kakooch please read the following Contributor License Agreement(CLA). If you agree with the CLA, please reply with the following information.
Contributor License AgreementContribution License AgreementThis Contribution License Agreement (“Agreement”) is agreed to by the party signing below (“You”),
|
|
Hi @kakooch, Thank you for your interest in submitting the IP connector. Please accept the CLA.
Additionally, Independent Publisher connector process has been changed. Please refer below document and prepare connector package - https://learn.microsoft.com/en-us/connectors/custom-connectors/certification-submission Please refer this document for IP connector certification process - https://learn.microsoft.com/en-us/connectors/custom-connectors/certification-submission |

Whisper Agent Identity (Independent Publisher)
When submitting a connector, please make sure that you follow the requirements below, otherwise your PR might be rejected.
apiDefinition.swagger.json. (Validated as OpenAPI 2.0 withopenapi-spec-validator;paconn validaterequires an interactive Power Platform sign-in.)iconBrandColoris set.)Independent Publisher attestations:
Whisper Agent Identity
Give every AI agent a real, routable IPv6
/128identity (from2a04:2a01::/32, announced by AS219419), anchored in DNS, RDAP and a tamper-evident transparency log — and operate it from Power Platform.This is a two-tier connector (Postel's law):
rdap.whisper.online.Single connection, both tiers
The API key is an optional connection parameter (
api_key,securestring,required: false). It is injected as theX-API-Keyheader only on the five control operations (via asetheaderpolicy), and those operations are routed to the control-plane host/path withdynamichosturl+routerequesttoendpoint. The four keyless operations stay on the default host and require no key. So:400("an attributable API key is required").This is the same no-auth-plus-connection-parameter-plus-policy pattern used by existing connectors in this repo (e.g. ExchangeRate), so a single connector covers both tiers without a second auth policy.
Operations
/128./128+ its own API key (returned once)./128, PTR, tokens, key).Live checks (canonical example agent "scout", no key required)
Control plane (needs your key,
whisper_live_...— redacted here):An anonymous control call returns a clear problem object: "anonymous callers cannot use the agent control plane — an attributable API key is required" (HTTP 400).