2026-07-04 · 6 min read

How AI agents sign up without a form (auth.md and verifiable credentials)

The signup form is the last place software still insists on a human. Agents can read the docs, call the API and pay the invoice — but account creation stops them cold. Right now agents fake their way through: they fill forms field by field, guess at CAPTCHAs, and break on every redesign, while the vendor never learns that a robot just created an account. Two patterns are emerging to replace that charade with a contract.

Pattern 1: auth.md — a machine-readable signup contract

auth.md is a convention pushed by WorkOS and adopted by companies like Cloudflare, Firecrawl and Resend: you host a Markdown file at https://yourapp.com/auth.md that tells agents, in language both a human and a model can read, how they are allowed to obtain and handle credentials — which flows you support, what scopes you grant, what the agent gets back, and what it must never do (like echoing keys into chat logs). Instead of scraping your signup page, a well-behaved agent reads the contract and follows it.

Notlogin publishes its own contract at notlogin.com/auth.md. It is the fastest way for an agent developer to learn the intended integration path without reverse engineering the UI.

Pattern 2: broker-issued verifiable credentials

auth.md tells the agent how to sign up; it does not answer the vendor's harder question: who is accountable for this account? That is what a broker credential adds. The user verifies their identity once with the broker (email, phone, wallet, KYC), pre-authorizes vendors or categories, and the agent carries an Ed25519-signed credential. The vendor verifies the signature offline and instantly knows three things a form never told it:

  • a real human, at a known proof level, stands behind this account;
  • that human explicitly authorized this vendor (or its category), with scope and expiry;
  • there is a budget attached — abuse is capped by construction, not by rate-limit whack-a-mole.
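
A vendor-side sketch of the offline check described above, added here as an example; it is not Notlogin's SDK or wire format. The JSON claim names, `VerifyCredential` and `issueSample` are assumptions, and the broker key and credential are constructed for the demo.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"fmt"
	"slices"
	"time"
)

// Claims is a hypothetical payload layout (assumption: the article defines no wire format).
type Claims struct {
	Proofs      []string `json:"proofs"`       // proofs the human passed, e.g. "email"
	Vendors     []string `json:"vendors"`      // vendors the human pre-authorized
	ExpiresAt   int64    `json:"exp"`          // Unix seconds
	BudgetCents int64    `json:"budget_cents"` // spend cap carried by the credential
}

func VerifyCredential(broker ed25519.PublicKey, payload, sig []byte, vendor string, needProofs []string, now time.Time) (*Claims, error) {
	// Authenticate the exact bytes first; nothing is parsed until the signature holds.
	if len(broker) != ed25519.PublicKeySize || !ed25519.Verify(broker, payload, sig) {
		return nil, fmt.Errorf("signature invalid")
	}
	var c Claims
	switch err := json.Unmarshal(payload, &c); {
	case err != nil:
		return nil, fmt.Errorf("malformed payload: %w", err)
	case now.Unix() >= c.ExpiresAt:
		return nil, fmt.Errorf("credential expired")
	case !slices.Contains(c.Vendors, vendor):
		return nil, fmt.Errorf("vendor %q not authorized", vendor)
	case c.BudgetCents <= 0:
		return nil, fmt.Errorf("no budget attached")
	}
	for _, p := range needProofs { // every proof this vendor requires must be present
		if !slices.Contains(c.Proofs, p) {
			return nil, fmt.Errorf("missing proof %q", p)
		}
	}
	return &c, nil
}

func issueSample(claims string) (ed25519.PublicKey, []byte, []byte) {
	pub, priv, _ := ed25519.GenerateKey(nil) // constructed demo broker key, not a real one
	return pub, []byte(claims), ed25519.Sign(priv, []byte(claims))
}

func main() {
	pub, p, sig := issueSample(`{"proofs":["email","wallet"],"vendors":["yourapp.com"],"exp":4102444800,"budget_cents":500}`)
	fmt.Println(VerifyCredential(pub, p, sig, "yourapp.com", []string{"email", "wallet"}, time.Now()))
}
```
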

Why vendors should care about agent-driven signup abuse

The moment agents can register, they can register a thousand times. Any serious answer to agent signup has to ship with abuse control on day one. Credential-based signup inverts the economics: each account is anchored to a verified human who had to pass real proofs, and each credential carries a spend budget metered through the broker ledger. Spinning up spam accounts stops being free.

How the two patterns compose

They are complementary layers. auth.md is discovery — the README for your auth. Verifiable credentials are enforcement — the cryptographic proof that the signup is legitimate. A vendor can publish an auth.md that says, in effect: "agents welcome; present a Notlogin credential with proofs email + wallet and you get a verified-human API key with no UI step." The agent reads the contract, presents the credential, and the account exists — with more accountability than most human signups have today.

If you run a service agents want to use, the integration is a five-line SDK call. If you are a user who wants their agents to stop getting stuck at signup walls, start here.
