Enroll Your First Agent
Each AI agent that connects to Behavry gets a unique cryptographic identity. This lets Behavry attribute every action to a specific agent, enforce per-agent policies, and detect behavioral anomalies over time.
How Enrollment Works
- You generate an enrollment token in the dashboard (single-use)
- Your agent SDK or MCP client presents the token on first connection
- Behavry issues the agent a JWT credential (RS256, short-lived with auto-refresh)
- All subsequent requests are authenticated with this credential
The agent's identity persists across sessions. You can view its full audit trail, set policies specific to it, and revoke access at any time.
Enroll via the Dashboard
- Go to Settings → Agents → New Enrollment Token
- Set an optional label (e.g., "cursor-ward-laptop") and expiry
- Copy the token and follow your client integration guide
Verify the Agent Connected
After your agent makes its first call through Behavry, you'll see it appear in:
- Activity — live event feed
- Agents — roster with identity, last seen, risk tier
Agent Identity Details
Each registered agent has:
- A unique
agent_id(UUID) - A display name and optional tags
- A risk tier (Low / Medium / High / Critical) — updated continuously
- An active session
- A behavioral baseline (built up over time)
To view an agent's full profile, click its name anywhere in the dashboard.