Authorization Layer for AI Agents

Phantom
by Vanish Labs

Your agents move unseen. Your audit trail doesn't.


Solving the Authz Bottleneck

As Martin Casado points out: authentication is solved, but authorization is a mess. Developers spend months building custom permission logic across dozens of data models, subscription tiers, and team roles.

The "Authz Tax"

Traditional authentication tools like Clerk and Auth0 tell you who the user is. But your application still has to work out what that user (or their agent) is allowed to do across:

  • 50+ different data models
  • 10+ subscription tiers and billing states
  • 5+ team roles and hierarchies
  • Complex agent intent verification

The Traditional Way: Manual Hell

// Developers write this a thousand times over
async function bookFlight(user, details) {
  if (!user.isSubscribed) throw new Error("not subscribed");             // Entitlement check
  if (user.credits < 10) throw new Error("insufficient credits");         // Permission check
  if (details.price > user.maxSpend) throw new Error("exceeds spend cap"); // Policy check
  // isIntentValid is an app-specific helper each team has to write itself
  if (!isIntentValid(user.currentTask, "book_flight")) throw new Error("intent mismatch");
  // ... hundreds more manual checks ...
}

The Phantom Way: Invisible

// One decorator handles everything
// (decorators attach to class members, so the protected function lives on a class)
class TravelAgent {
  @Phantom.Protect({ intent: 'travel_booking' })
  async bookFlight(details) {
    // If execution reaches here, Phantom has ALREADY verified:
    // ✓ Identity (who is the agent?)
    // ✓ Permissions (what can they do?)
    // ✓ Intent (does this align with the mission?)
    // ✓ Entitlements (billing, credits, subscription)
  }
}

How Phantom Works

1. Ghost Tokens

Agents receive temporary, opaque tokens scoped to specific intents, not broad API keys. If a token is compromised, it can be revoked instantly without exposing the underlying systems.

2. Shadow Sync

Real-time permission mirroring from your database and billing systems. When a subscription ends or a resource is deleted, the corresponding permissions are updated immediately for every agent.

3. Intent-Aware Reasoning

Powered by Gemini-3-Flash, Phantom verifies that each agent action aligns with the agent's stated mission. Reading bank statements during a travel booking? Blocked and flagged.

4. Durable Missions

Built on Temporal workflows, agent permissions persist across tasks that run for days. If a mission fails, Phantom atomically rolls back all of its actions, so no cleanup code is needed.

Built on Production-Grade Infrastructure

Temporal

Durable execution ensures agent workflows are reliable, resumable, and atomically reversible.

Gemini-3-Flash

Intent verification in under 400 ms, with enough context awareness to reason about security decisions.

Edge Deployment

Deploy to Vercel or Cloudflare Edge for permission checks under 10 ms worldwide.

Zanzibar Graph

Relationship-based access control inspired by Google's battle-tested authorization system.

Ready to Secure Your Agents?

Start with Phantom in under 5 minutes. No complex setup, no manual permission code.
