Context

Turn your APIs into secure, agent-compatible endpoints. Descope lets you act as an OAuth provider, issuing scoped JWTs that agents use to call your APIs on behalf of end users.

---

How it works?

1. Define role/user-information based scopes as an OAuth provider.
2. Use Inbound Apps to generate scoped tokens for agents.
3. Enforce access using token validation, claims and scopes in your API layer.

---

Links

• Inbound Apps: Make Your Apps and APIs Agent-Ready
• Inbound Apps docs
• Video walkthrough of the sample app