PoA for AI — demo by Soverio

An AI agent that can buy — but only what you allowed, provably, and you can stop it at any moment.

This is the live demonstration of Machine Power of Attorney: delegated authority for AI agents that is precisely scoped, independently verifiable by the counterparty, and instantly revocable — built on open identity standards and aligned with eIDAS 2.0 and the EU Digital Identity Wallet. It is the working proof behind Soverio's AI Agent Identity solution.

Enter the demo Request access The demo is access-protected. Your browser will ask for the credentials you received; if you don't have them yet, use Request access.

Why this exists

AI agents are moving from giving advice to doing things — booking, buying, negotiating, filing. That raises a question older tools cannot answer: how do you let software act for you without handing it an open-ended key? API keys and OAuth scopes cannot express "up to €120, refundable travel only, from vetted sellers, until Friday". The counterparty has no independent way to check what the agent is actually allowed to do — and when something goes wrong, "revoking" usually means hunting down keys and hoping.

The answer is a centuries-old legal instrument, made cryptographic: a power of attorney for the machine — issued as a verifiable credential, checked before every transaction, and revocable with immediate effect.

Scoped, signed authority

The owner's consent becomes a mandate credential cryptographically bound to the agent's own key: categories, per-purchase and total budget, validity window, allowed actions. The agent holds it; it cannot alter it.

A deterministic gate decides

A policy engine — never the language model — makes the yes/no call on every purchase, checking the presented mandate. Every decision is recorded with its reason, so the audit trail reconstructs consent → mandate → transaction end-to-end.

A real kill-switch

Revoke the mandate and the next verification withholds — the agent stops cryptographically, not by convention. The counterparty sees the revocation too; there is no local bypass.

What you will see inside

  1. Delegate — sign in as a demo persona, give an agent a task, and approve a scoped mandate in an explicit consent ceremony.
  2. Verify — before acting, the agent's mandate is verified against the issuer's decentralized identity (a real present-and-verify round-trip, cross-organization).
  3. Buy — the deterministic gate approves a quote that fits the mandate and denies one that doesn't; a transaction credential and signed receipts are issued on both sides.
  4. Revoke — flip the kill-switch mid-task and watch the agent stop.
SD-JWT VC OpenID4VCI / OpenID4VP did:webvh Token Status List revocation eIDAS 2.0 / EUDI-aligned

Who it's for

Organizations that want their AI agents to carry authority they can prove, bound, and revoke — and counterparties that want to verify an agent's mandate before accepting its money. The credential rails are Soverio's FastEid platform; the same pattern extends to wallets and ecosystems via the Wallet Gateway.

Want a guided walk-through or access credentials? Contact the Soverio team →