Taxonomy for Authorizations

Early authorization_id thinking...

  • we will need to track authorizations at several levels:

In the following figure you will see a few different authorizations at play. While the exact strings are notional, the namespacing concepts explored below are present.

At Ayra/ATN Level:

These follow the general format of the authorizations in the system will be managed in a tiered way, following the format ayracards:TYPE:SCOPE:ACTION.

  • Ecosystems that have the authority to issue Ayra Card. e.g. ayracards:TYPE:global:manage-issuers

  • Standardize the authority_id strings that are in use for each card type:

    • e.g. ayracards:businesscard:global:issue or ayracards:businesscard:ecosystem:issue for an Ayra businesscard type managed at the global-level (managed by Ayra) and ecosystem-level (managed by ecosystem), respectively.

    • e.g. ayracards:proofofage:ecosystem:manage-issuers

  • DECISION can a member ecosystem issue ANY kind of Ayra Card?

    • If NO (defaulting), need to manage the type of Ayra Card at the Global level, along with delegation to ecosystems to manage.

TYPE

THIS LIST WILL CHURN HEAVILY AND IS VERY NOTIONAL AT THIS TIME:

  • businesscard - the example used in early discussions of Ayra Card.

  • staffpass - similar to a businesscard but likely used more internally and with customers/clients but useful external/public.

  • membercard - membership of a particular entity (e.g. a sports team, a nonprofit)

  • agentpass - Agentic AI pass for individuals ("this is my agent, authorized for context X, wity limits Y").

  • careerpass - your career, education, project, and other information that you want to carry around

    • FPP aligned when issued by an organixatio

  • agepass - used to confirm age

  • travelerpass - used for travel (most data in payloads)

SCOPE

There are only two scopes in the Ayra Card protocol;

  • global managed at the global label by the Ayra Association

  • ecosystem the Ecosystem level only, managed by the Ecosystem Member (i.e. an Ecosystem that is a member of the Ayra Trust Network)

ACTIONS

  • grant-issue assigns the rights to manage issuers (only allowed by ATN for assignment of management to Ayra Member Ecosystems)

    • applies to an Ecosystem

  • issue - entity in question has authority to Issue that TYPE of credential

  • NOT CURRENTLY USED verify - entity in question is the authority to Verify that TYPE of credential

At

PreviousTechnical DecisionsNextLOOSE NOTES

Last updated