IDENTITY · AUTHORITY · STATE · EVIDENCE

Resolver-verifiable identity for the machine economy.

Give agents, businesses, APIs, software, products and infrastructure a stable ECZ-ID identity spine, structured credentials and a public Resolver path that counterparties can re-check before reliance.

Choose a guided route, review the recommended setup in TrustOps and activate the credentials your operation needs. Developer Gateway documents and routes; it does not create proof.

Choose a guided route For agents and machine clients Open Resolver

12
Guided Solution Routes: 9
Credential Domains: 33
Child Passports: 78
Public Catalogue Entries

For agents and machine clients

Built to be read by machines, not just people.

Agents, LLMs, MCP clients, procurement tools and technical buyers can read structured ECZ-ID documentation, schemas and route guidance. Machine clients can identify the relevant setup path, create a safe handoff to TrustOps and re-check public state through Resolver. No purchase, activation or proof is created on this site.

Read the machine index →Structured index for machine clients.

Browse schemas →JSON Schemas for every public surface.

Verify with the MCP Verifier →Local-first npm CLI and GitHub Action.

Read the result contract →What a verifier result means and does not mean.

Request Resolver Proof →Documented request-to-resolve path.

Re-check Resolver ↗Re-check current public state before reliance.

Guided starting points

Choose from twelve practical routes.

These guided routes cover common, high-value starting points across the wider ECZ-ID credential estate. They are not exhaustive. Choose the route closest to your immediate requirement, then review the relevant setup in TrustOps.

ECZ-ID can support wider combinations of Business Passport tiers, child passports, packages and add-ons around identity, authority, custody, evidence and accountability needs.

Not sure where to begin?

Compare Business Passport tiers →Machine-client guidance →

Agents, software & tools

Identity and accountability for agents, MCP servers, tools, APIs and software.

MCP Server & Tool Trust

Connect an MCP server or tool to an accountable operator and a Resolver-checkable setup path before higher-reliance use.

Best for

MCP operatorsTool providersAI integration teams

Helps structure

Operator linkageTool & API dependenciesResolver re-check

Start guided route View route details →

Agent Identity & KYA

Give an agent an attributable operator chain, defined authority and the appropriate Know-Your-Agent depth for review.

Best for

Agent operatorsAutomation teamsPlatform reviewers

Helps structure

Agent CredentialOperator authorityKYA posture

Start guided route View route details →

API, Software & Repo Trust

Link APIs, software, models and repositories to accountable operators and relevant supply-chain evidence.

Best for

API providersSoftware publishersRepository maintainers

Helps structure

API identitySoftware supply chainProvenance evidence

Start guided route View route details →

Business, cloud & digital counterparties

A governed business root, plus resolver-checkable cloud and digital-counterparty surfaces.

Cloud & Provider Proof

Bind cloud accounts, tenants, domains and technical assets into a provider-aware, Resolver-checkable evidence path.

Best for

Cloud teamsMulti-cloud estatesRegulated workloads

Helps structure

Cloud bindingsProvider coverageCurrent-state evidence

Start guided route View route details →

Business Identity Foundation

Establish the governed ECZ-ID Business Passport™ root that other passports, packages and add-ons depend on.

Best for

Operating businessesVendors & suppliersPlatform operators

Helps structure

Parent identityTier selectionCredential foundation

Start guided route View route details →

Digital Counterparty Infrastructure

Make a website, portal, wallet or API easier for human and machine counterparties to identify and re-check.

Best for

Digital businessesPlatforms & marketplacesAPI & wallet operators

Helps structure

Public-surface identityMachine-readable guidanceResolver pathway

Start guided route View route details →

Resilience & commercial outcomes

Resilience, supply-chain and outcome-focused evidence prepared for repeat review.

DORA & SBOM Vendor Credentialing

Structure resilience and software supply-chain evidence for repeat vendor, buyer and regulated-sector review. Posture and evidence support — not regulatory certification.

Best for

ICT vendorsSoftware suppliersGovernance teams

Helps structure

DORA postureSBOM evidenceSupplier review

Start guided route View route details →

Critical Infrastructure, Cyber & Operational Resilience

Organise authority, cyber posture and operational evidence for high-reliance systems and infrastructure.

Best for

Critical operatorsUtilities & infrastructureCyber-exposed services

Helps structure

Operational authorityResilience evidenceIncident readiness

Start guided route View route details →

Trade Finance & Construction Outcomes

Use outcome-focused credential compositions for trade-finance readiness or construction dispute defensibility.

Best for

Trade-finance teamsProject owners & contractorsClaims & review teams

Helps structure

Product identityCustody & riskAuthority continuity

Start guided route View route details →

Robotics, mobility & global trade

Operator, authority and current-state evidence for physical and autonomous systems.

Humanoid Robots & Robotics Insurability

Connect robot operators, operating roles and current-state evidence for industrial, public-space and domestic robotics.

Best for

Robot manufacturersIntegratorsRobot operators

Helps structure

Operator accountabilityRobot identityInsurer-review evidence

Start guided route View route details →

Robotaxis, Autonomous Freight & Drone Insurability

Structure operator, authority and dependency evidence for autonomous road, freight and aerial systems.

Best for

Mobility operatorsAutonomous freight teamsDrone fleets

Helps structure

Operating authorityVehicle or drone identityDependency evidence

Start guided route View route details →

Global Trade, Containers & Marine Insurability

Connect identity, custody and risk evidence across cargo, containers, vessels and global-trade infrastructure.

Best for

Shippers & carriersPort & terminal operatorsCargo & marine reviewers

Helps structure

Custody chainAsset identityRisk evidence

Start guided route View route details →

Need a combination rather than a single route?

TrustOps can help you review the relevant Business Passport tier, child passports, packages and add-ons around your operating requirement. Payment starts setup; public proof follows Backend/Core activation; re-check Resolver before reliance.

Review setup in TrustOps ↗Browse the full catalogue →Re-check in Resolver ↗

MCP & KYA Agent Trust Gateway

Resolve the server. Resolve the agent. Re-check before reliance.

ECZ-ID gives developers, platforms, and enterprise teams a resolver-first way to check MCP servers, tools, APIs, packages, and agents before high-risk use.

ECZ-ID separates setup, verification state, and public proof so operators can prepare evidence and relying parties can re-check before they act.

Path 1

I operate an MCP server or tool

Discover MCP Verifier, MCP Assurance, MCP Assurance Plus, MCP Policy, the 18 ResultStates, and ReasonCodes.

Open MCP hub →

Path 2

I operate an agent

Agent Credential Entry, KYA Starter, KYA Verified, KYA Assured, receiving-agent workflow, and fail-closed verification.

Open Agents hub →

Path 3

I need policy-gate checks

MCP Policy provides a deterministic local gate that consumes Action Envelopes. Local policy decides. Re-check before reliance.

Open MCP Policy →

Start setup in TrustOps ↗View setup guidance →Agent Trust Card →

ECZ-ID Agent Trust

Resolve the Agent Before You Allow It to Act.

ECZ-ID gives autonomous agents, AI tools, MCP servers, API-using workflows, and agent operators a resolver-verifiable identity and accountability layer before they integrate, transact, deploy, or represent a business.

Definition

ECZ-ID Agent Trust is the ECZ-ID layer that lets a business make an AI agent, API-using workflow, MCP server, or autonomous tool resolver-verifiable before another system relies on it.

Thesis

Before higher-reliance use, a relying party can resolve the operator, declared authority, relevant dependencies, and current public state. Local policy decides whether that evidence is sufficient.

Agents are starting to act

Calling APIs. Triggering workflows. Representing businesses. Moving data. Interacting with platforms. Acting inside operational and commercial systems.

Most still cannot prove

Who controls them. What authority they have. What systems they depend on. Whether their current state can be relied on. Where a counterparty can verify them.

ECZ-ID gives them

Resolver-verifiable identity, accountable operator linkage, declared authority, dependency visibility, current-state visibility, and machine-readable proof.

Four questions a relying party should be able to resolve

Operator. Authority. Dependencies. Current state. Resolver-verifiable, machine-readable, before action.

Proof question

Who controls this agent?

Bind the agent to an ECZ-ID Business Passport™ so counterparties can resolve the accountable operator behind the system.

Proof question

What is it allowed to do?

Declare and verify the agent’s operating role, delegated authority, scope, and current status before relying on its actions.

Proof question

What does it depend on?

Attach API, AI Model, Dataset, Software Supply Chain, and other relevant passports where the agent depends on external systems.

Proof question

Can it be relied on right now?

Use the public Resolver to check current state before integration, deployment, transaction, or acceptance.

Composition

The Agent Trust Stack

Start with the business. Bind the agent. Attach the systems it uses. Resolve the state before action.

ECZ-ID Business Passport™

Parent identity spine for the operator.

ECZ-ID Agent Credential™

Resolver-verifiable credential for the agent.

ECZ-ID API Passport™

For APIs, MCP tools, webhooks, GPT actions, and external systems used by the agent.

ECZ-ID AI Model Passport™

For model-backed agents where model identity and lineage matter.

ECZ-ID Dataset Passport™

For agents dependent on governed, sensitive, licensed, or operationally important data.

ECZ-ID Software Supply Chain Passport™

For deployed agent runtimes, packages, MCP servers, and automation environments.

Public Resolver Proof

Human-readable and machine-readable state verification.

Boundary of Claim

Accountability, Not AI Safety Theatre

ECZ-ID does not claim:

· that an agent always reasons correctly
· that a model cannot hallucinate
· that private prompts, code, or user data are being monitored
· that ECZ-ID is certifying general AI safety
· that the website itself verifies or provisions anything

ECZ-ID proves more concrete things:

· who the agent is connected to
· what authority has been declared
· which credentials support its operation
· whether its current state can be resolved
· where a relying party can verify that state

Start Agent Trust Flow →Verify an ECZ-ID ↗Read the Machine Manifest →

DORA & SBOM Credentials

Independently verifiable evidence for regulated ICT supply and software supply chain.

Part of the wider ECZ-ID credential estate, focused on the two compliance surfaces buyers and regulators ask about most: DORA for ICT vendor evidence and SBOM for software supply chain provenance. Six tiers, plus a combined Enterprise Suite. Each tier is explained here, acquired in TrustOps, and Resolver-checked by counterparties through Resolver. Choose the tier that matches your supervised-entity footprint and release cadence.

DORA — ICT Vendor Evidence

DORA-aligned credentials for regulated financial supply

For ICT vendors supplying supervised financial entities. Replace document chase with resolver-queryable evidence supervised entities, regulators, insurers, and capital providers can confirm independently.

DORA Essentials£319.96/month

DORA-aligned ICT vendor evidence — independently verifiable in Resolver. For ICT suppliers entering DORA scope.

Baseline · Guided flow →

DORA Managed£999/month

Essentials plus managed evidence refresh workflows, supervised-entity register support, and managed compliance reviews.

Operational · Guided flow →

DORA Enterprise£2,499/month

Managed plus critical third-party oversight readiness, multi-entity ICT register operations, and board / capital disclosure.

Board / Capital · Guided flow →

Compare DORA tiers →+ SBOM? See Suite

SBOM — Software Supply Chain

SBOM credentials for serious software supply

For software suppliers whose buyers, auditors, or regulators need machine-readable SBOM evidence. Replace spreadsheets and PDFs with resolver-queryable software supply chain provenance that stays current with your release cadence.

SBOM Essentials£269.96/month

SBOM-aligned software supply chain evidence — independently verifiable in Resolver. For suppliers entering SBOM scope.

Baseline · Guided flow →

SBOM Managed£899/month

Essentials plus per-release SBOM refresh, vulnerability disclosure cadence, and component drift review support.

Operational · Guided flow →

SBOM Enterprise£2,499/month

Managed plus portfolio-wide SBOM operations, critical-infrastructure software evidence record, and board / capital disclosure.

Board / Capital · Guided flow →

Compare SBOM tiers →+ DORA? See Suite

Combined Enterprise Suite

DORA + SBOM Enterprise Suite

One coordinated programme covering both DORA Enterprise and SBOM Enterprise — under one resolver entry, with one disclosure pack and one managed lifecycle. For organisations where ICT and software supply chain are both under board, insurer, and capital scrutiny.

£4,499/monthExplain → Flow → TrustOps →

This site explains tiers and routes you into TrustOps for acquisition. Acquisition, activation, billing, and lifecycle live in TrustOps. Independent verification lives in Resolver. The site does not host checkout and does not perform verification.

How ECZ-ID Works

A consistent path from discovery to verification.

Whether you are credentialing an AI agent, a vendor, an enterprise platform, or a digital business, the ECZ-ID path follows the same shape. Developer Gateway guides discovery and build. TrustOps handles setup. Resolver remains the public proof surface for current state.

Identify Friction

Choose the blockage costing you the most

Enter Guided Flow

Step-by-step path to required credentials

Credential Checkpoint

Pause — activate the right trust objects in TrustOps

Return & Complete

Inject credentials into your build or integration

Verify & Deploy

Resolver-verifiable. Make identity resolver-verifiable to counterparties.

Full Breadth

Every Domain. One Identity Layer.

From AI agents to cargo containers, from robotaxis to industrial robots—ECZ-ID provides resolver-verifiable identity across the machine economy.

APIs, AI, Data & Software

Resolver-verifiable identity for AI agents, API endpoints, datasets, models, and software supply chains.

5 entity types

IoT & Connected Systems

Trust infrastructure for connected devices, sensors, gateways, and edge computing systems.

4 entity types

Products, Custody & Risk

Digital product passports, custody chain verification, and risk policy enforcement.

3 entity types

Robotics & Humanoids

Resolver-verifiable identity for industrial, public-space, domestic, and humanoid robotic systems.

4 entity types

Vehicles & Mobility

Trust infrastructure for robotaxis, autonomous vehicles, and haulage fleets.

3 entity types

Drones & Aerial Systems

Resolver-verifiable identity for all drone classes from micro UAVs to large autonomous aerial systems.

4 entity types

Trade, Shipping & Infrastructure

Identity infrastructure for global trade, shipping, intermodal transport, and critical systems.

6 entity types

Platforms, Marketplaces & Control Overlays

Trust overlays for platforms, marketplaces, and multi-party coordination systems.

3 entity types

Passport Families & Packages

Pre-configured identity passport bundles for common deployment patterns and industry verticals.

Catalog estate · 78 catalog entries

Proof of Range

Infrastructure-grade identity across the machine economy.

ECZ-ID operates across nine domains. These domain showcases illustrate the infrastructure depth behind the featured journeys and the wider ECZ-ID credential estate. Access any domain through your guided flow or via the domain pages.

ROBOTICS & HUMANOIDS

Robotics & Humanoids

From industrial arms to human-form robots in public environments — every autonomous physical system needs resolver-verifiable capability evidence, operator accountability, and insurer-legible safety evidence records. ECZ-ID credentials the full robotics estate through environment-based robot passports.

Industrial RobotsHumanoidsCollaborative Robots

Explore Robotics & Humanoids →

PLATFORMS & MARKETPLACES

Platforms, Marketplaces & Control Overlays

Every platform that connects buyers, sellers, agents, or services needs resolver-verifiable participants. ECZ-ID provides the identity infrastructure that makes marketplace participants verifiable and control overlays auditable at scale.

Digital MarketplacesSaaS PlatformsControl Overlays

Explore Platforms & Marketplaces →

TRADE, SHIPPING & INFRASTRUCTURE

Trade, Shipping & Infrastructure

Cross-border trade, supply chain suppliers, and physical infrastructure operators all need resolver-verifiable identity that procurement systems, customs, and institutional counterparties can evaluate without human intermediation.

Cargo & LogisticsSupply ChainCritical Infrastructure

Explore Trade & Shipping →

APIS, AI, DATA & SOFTWARE

APIs, AI, Data & Software

Every AI agent, API endpoint, dataset, and software package operating in serious commercial infrastructure needs a verifiable identity. ECZ-ID’s software domain covers the full digital supply chain — from AI provenance to API passport to software SBOM evidence record.

AI AgentsAPIs & EndpointsDatasets & Models

Explore APIs, AI & Software →

Why ECZ-ID

One identity layer. A wide credential estate.

ECZ-ID is designed to reduce trust friction across common commercial paths — agent identity, supplier eligibility, enterprise platform governance, digital counterparty posture, trade finance capital release, and construction dispute defensibility — within a wider estate of nine credential domains. Resolver-verifiable. Standards-aligned. Designed for the machine economy.

Resolver-Verifiable

Identity claims are designed to be checkable through Resolver, so a relying party can re-check current public state instead of relying on assertions alone.

Domain-Complete

Nine domains, from AI agents to cargo containers. One consistent identity model across the machine economy.

Infrastructure-Grade

Built for serious deployment. Designed to scale with resolver-verifiable identity, lifecycle state, and machine-readable proof.

Commercially Legible

Agents that are easier to evaluate, verify, onboard, and underwrite where applicable. Designed for commerce, not just technology.

Agent-Native

Designed from day one for autonomous agents that need to prove who they are in every interaction.

Standards-Aligned

Designed to align with EU DPP and relevant ISO-style evidence expectations where applicable, and with emerging machine identity frameworks. Not a certification or guarantee of standards compliance.

Read the full case for ECZ-ID →

Choose a guided route and start moving

Pick the route with the highest current friction and enter its guided flow. TrustOps handles setup, payment and lifecycle. Resolver remains the public proof surface for current state. Payment starts setup; proof appears after Backend/Core activation. No acquisition happens on this site.

Compare guided routes Re-check via Resolver