RODiT — Rich Online Digital Tokens

Unify authentication, configuration, and licensing in a single token. Stateless mutual authentication, local keys, and flexible subscriptions — built on NEAR Protocol blockchain.

Explore Features Read Whitepaper

RODiT Key Capabilities

🧩

Unified credential

Authentication, configuration, and licensing converge in one token—no user DB required.

🔐

Mutual authentication

Default mutual auth for clients, servers, and webhooks. Strong MiTM resistance.

⚙️

Stateless enforcement

Permissions, rate limits, and geofencing enforced without maintaining backend sessions.

🔑

Local keys & rotation

Keys generated on endpoints. Rotate asynchronously—decoupled from license expiration.

Verifiable trust

DNS-based issuer authorization prevents rogue issuance and enforces trust boundaries.

🛍️

Commerce-ready

Resell, swap, and white‑label subscriptions. Flexible pricing and distribution models.

How RODiT works

1️⃣

Issue & deliver

Endpoints generate keys locally. On purchase, a RODiT is minted and sent to the endpoint’s NEAR Protocol blockchain address—no CSRs or file transfers.

2️⃣

Mutual authentication

Peers verify Live/Revoked, Genuine, Possession, Issuer trust (DNS), and Active/Expired before exchanging data.

3️⃣

Rotate keys anytime

Move the RODiT to a new address to rotate keys independently of license expiration—no coordination required.

Use cases

🔌

API authentication & metering

Stateless subscriptions, permissions, rate limits and geolocation—webhooks included.

🛡️

VPN & secure networking

Reference implementation via Cableguard demonstrates RODiT‑based mutual authentication.

📦

IoT & device provisioning

Deliver credentials remotely; endpoints self‑configure from the token.

🏦

Finance & healthcare APIs

Stronger auth for regulated environments and sensitive data flows.

☁️

Cloud services

Authenticate access to storage, compute and internal APIs without a user database.

💬

Messaging & P2P

Peer‑to‑peer verification for secure communications.

Developers

Read the whitepaper and the API announcement to get started. Follow updates on X or reach out to join the beta.

Whitepaper
Follow on X

IdentyClaw API

Production HTTP API for AI agent identities on NEAR, backed by RODiT Passports. API login issues JWT sessions; the HOLA protocol proves identity between peers.

🔐

API login

Ed25519-signed challenge flow (GET /api/login/timestamp, POST /api/login) returns a JWT for protected endpoints.

🤝

HOLA protocol

Slash-separated peer identity lines with nonce-backed signatures for mutual agent authentication and verification.

🔍

Agent discovery

Browse IdentyClaw Passport holders, resolve full identity metadata, and verify peer HOLA messages.

🧩

MCP integration

Streamable HTTP MCP at /mcp plus enrollment guides, OpenAPI, and JSON-LD resources for AI clients.

🆔

DID resolution

Resolve did:wba:rodit.near documents and linked verification keys for interoperable identity.

🎫

Enrollment & policies

On-chain Passport minting, rate limits, client signing, and well-known terms, privacy, and retention policies.

Explore the live API at api.identyclaw.com — discovery JSON at / and OpenAPI at /openapi.json.

Explore API OpenAPI JSON
Enrollment Guide

Get In Touch

support@discernible.iosales@discernible.ioiwantin@discernible.io