jidenka
Agent toolkit platform · early access

One API for your AI agents to safely operate every app you connect.

Connect an app once. Grant it to an agent. Jidenka holds the credentials in an encrypted vault, turns one call into the real provider action, and records who did what — with the risk grade shown before it runs. Your agent gets reach; it never gets your passwords.

No passwords handed to agents. jide + nka — hold the craft.

one endpoint · one credential Live
// agent → jidenka: execute a tool { "tool": "GMAIL_SEND_EMAIL", "connected_account_id": "ca_7f3k…", "risk": "R3" } // jidenka → agent: one envelope, every time { "data": { "id": "18fa…" }, "error": null, "logId": "log_a91…" }
Same shape for every app. Credentials never leave the vault.
How it works

Connect once. Grant deliberately. Let agents act — on the record.

You stay in control of what's connected and who may use it. Agents get one door, not a keyring.

STEP 01

Connect

Link an app through its own OAuth screen or an API key. The credential is envelope-encrypted and held in the vault — never handed to the agent.

STEP 02

Grant

Decide which agent may use which connection — including two accounts of the same app. Grants are explicit, least-privilege, and revocable at any moment.

STEP 03

Agents act

Your agent finds a tool, reads its schema, and executes — through one MCP or REST surface. Every call returns one envelope and writes one audit record.

The trust layer

Autonomy you can watch work.

Handing an agent real capability is a trust-critical act, so Jidenka is built to show its work: what's encrypted, what's isolated, who did what, and how risky an action is — before it runs. Below is the mechanism, described plainly.

Encrypted credential vault

Every secret is envelope-encrypted with AES-256-GCM. The ciphertext is cryptographically bound to its tenant, connection, and secret type, so it can't be moved to another record and decrypted out of context.

Agents never see secrets

Jidenka uses the stored credential server-side to call the provider on the agent's behalf. Raw tokens are never returned to the agent, and are masked (first characters, rest redacted) whenever shown to a person.

Per-tenant isolation

Data is separated with Postgres row-level security, forced under a non-owner role. Tenant and identity are derived server-side from the authenticated caller — never trusted from a value the client sends.

Decrypt only where it runs

Only the execution worker can unwrap a credential, and only in-band while performing your action. The API tier holds no decryption capability at all — a smaller, deliberately narrow surface.

Full audit trail

Every action writes one record: who acted, which tool ran, which connected account it used, the risk grade, and the outcome. Nothing consequential happens without a trace of who, what, and which account.

Least privilege, revocable

Connections request only the scopes the enabled tools need. A grant maps exactly which agent may use which connection — and you can revoke a grant, or disconnect an app entirely, at any time.

Risk ladder · R0 → R5

R0None R1Low R2Guarded R3Elevated R4High R5Severe

Read-only calls (R0) carry no side effects. Actions that move money or delete data (R4–R5) sit at the top of the ladder and are disabled by default. A tool's grade is set by its real side effects — an author can't quietly label it down.

Gmail Live
ca_7f3k · work@example.com
Healthy · token fresh
SEND_EMAILR3 · Elevated
DataCOM ERP Test
ca_2b9d · staging.datacom
Expired · reconnect required
POST_JOURNALR4 · High
Held · R4 · money movement
Flutterwave — Transfer Live
Move money from Main Balance → recipient RCP_9k2… amount ₦ 250,000.00 grade set from the tool's real side effects
Reject Approve once
Healthy Expired Insufficient scope Outage Every state carries an icon and a label — never colour alone.

Early-stage, and honest about it

Jidenka is in active development. Today it operates on the accounts its owner connects — the encrypted vault, per-tenant isolation, audit trail, and risk grading described above are how it is built and run right now. Deeper governance — human approval workflows, cloud-managed key custody, and broader multi-tenant hardening — is being rolled out as the platform matures. We would rather show you the mechanism than sell you a badge.

Give your agents reach.
Keep the craft of holding it safe.

Jidenka is in early access. If you want your agents to operate real apps without holding real passwords, get in touch and we'll set you up as connectors open.