TwigBush GNAP Authorization Server
Open source implementation of the Grant Negotiation and Authorization Protocol (RFC 9635) written in Go.
Enable modern, key-bound, just-in-time access control for humans and AI agents.
Open Source GNAP Server
Authorization Server
Full GNAP AS implementation with
/grant, /continue, /introspect, and JWKS endpoints. Configurable TTL, audience constraints, and step-up authentication flows.Proof-of-Possession Tokens
Support for Detached JWS, HTTP Message Signatures, DPoP, and mTLS. Short-lived, key-bound access tokens prevent replay attacks and enhance security.
Policy Engine Integration
Built-in adapter for OpenFGA and other policy engines. Implement Zanzibar-style relationship graphs for fine-grained access control.
Resource Server Toolkit
Example RS implementation and importable client libraries for token introspection and JWKS fetching. Quickly secure your APIs with GNAP.
Security First Design
Comprehensive audit logging, key rotation support, token revocation, and step-up authentication flows. Built for production environments.
AI Agent Ready
Enable secure access control for AI agents and automation. Support for machine-to-machine authentication with cryptographic key binding.
Community
Join our growing community of developers building secure access control systems with GNAP.