AgentCard.net APIFree during beta

Agent Card tooling, built for software.

Generate, validate, and inspect A2A v1.0 Agent Cards from your application, CI pipeline, developer tool, or autonomous agent.

HTTPS · JSON
POST/api/agent-card/validate
{
  "card": {
    "name": "Research Agent",
    "version": "1.0.0",
    "supportedInterfaces": [...]
  }
}
200 · validation.valid: true

01 · Quickstart

Make your first request.

Send JSON over HTTPS. During beta, you do not need an account or API key. This example generates a complete Agent Card and validates it in one call.

Base URLhttps://www.agentcard.net
cURL · generate
curl -X POST https://www.agentcard.net/api/agent-card/generate \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Research Agent",
    "description": "Finds and summarizes public research for developer questions.",
    "endpointUrl": "https://api.example.com/a2a/research",
    "skillName": "Research a topic",
    "skillDescription": "Finds relevant sources and returns a cited summary.",
    "skillTags": ["research", "search"]
  }'

02 · Endpoints

Three focused operations.

Use the individual REST endpoints in regular applications, or the unified skill endpoint when another agent is the caller.

POST/generate

Generate an Agent Card

Turn service details into publishable A2A v1.0 JSON and receive a validation report in the same response.

cURL · generate
curl -X POST https://www.agentcard.net/api/agent-card/generate \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Research Agent",
    "description": "Finds and summarizes public research for developer questions.",
    "endpointUrl": "https://api.example.com/a2a/research",
    "skillName": "Research a topic",
    "skillDescription": "Finds relevant sources and returns a cited summary.",
    "skillTags": ["research", "search"]
  }'
POST/validate

Validate Agent Card JSON

Check identity, interfaces, capabilities, modes, skills, security metadata, legacy fields, and embedded secrets.

cURL · validate
curl -X POST https://www.agentcard.net/api/agent-card/validate \
  -H "Content-Type: application/json" \
  -d '{
    "card": {
      "name": "Research Agent",
      "description": "Finds and summarizes public research.",
      "version": "1.0.0",
      "supportedInterfaces": [{
        "url": "https://api.example.com/a2a/research",
        "protocolBinding": "HTTP+JSON",
        "protocolVersion": "1.0"
      }],
      "capabilities": {},
      "defaultInputModes": ["text/plain"],
      "defaultOutputModes": ["application/json"],
      "skills": [{
        "id": "research",
        "name": "Research",
        "description": "Finds relevant sources and returns a cited summary.",
        "tags": ["research"]
      }]
    }
  }'
POST/check

Check remote discovery

Inspect both well-known discovery paths and validate every Agent Card returned by the remote host.

cURL · remote check
curl -X POST https://www.agentcard.net/api/agent-card/check \
  -H "Content-Type: application/json" \
  -d '{"url":"https://example.com"}'

03 · Agent integration

Let an agent discover and call the API.

AgentCard.net publishes complementary discovery formats. An agent can inspect capabilities first, then invoke a skill through one stable endpoint.

POST /api/agent-card
{
  "skillId": "validate-agent-card",
  "input": {
    "card": {
      "name": "Example Agent",
      "description": "..."
    }
  }
}

04 · Responses

Structured for decisions.

Validation separates blocking errors, useful warnings, and successful checks, so software can make decisions without parsing prose.

errorsmakes valid false

warningsidentifies readiness gaps

passesconfirms completed checks

JSON response
{
  "validation": {
    "valid": false,
    "errors": [
      {
        "severity": "error",
        "message": "Missing required field: version."
      }
    ],
    "warnings": [],
    "passes": [
      {
        "severity": "pass",
        "message": "Agent name is present."
      }
    ]
  }
}

05 · Limits

Safe defaults for a public API.

256 KB payload limit

Applied to incoming JSON and every remote response body.

8 second timeout

Remote discovery requests stop quickly when a host is unavailable.

Network-safe checks

Private addresses and unsafe redirect destinations are rejected.

No API key during beta

The API is currently open with a best-effort per-IP rate limit.

Remote checks only accept public HTTP or HTTPS hosts.

Private and reserved IP ranges are blocked. Redirect destinations are checked at every hop, response sizes are bounded, and network failures are returned per discovery path.

06 · Monetization

Free beta now. Usage-based access later.

The API currently requires no payment or API key. AgentCard.net plans to use x402 through Cloudflare Monetization Gateway for selected resource-intensive operations while keeping discovery documentation public.