No autonomous commerce
Agents can learn what exists and where the merchant-owned next step lives, but they cannot spend money or place orders through this public endpoint.
A2A endpoint
Read-only agent access for profiles, checks and trust
AgntBase exposes a safe JSON-RPC endpoint for agents. It can search public profiles, read a canonical profile, compare companies, run a site readiness check, explain trust signals, report the Signed Agent Card scaffold status, verify website file placement, summarize the registry and return pricing or checkout handoff instructions. It cannot send emails, take payment, create orders or mutate profiles.
Methods
Public read-only skills
Use JSON-RPC 2.0 with POST /a2a/jsonrpc or POST /a2a/jsonrpc/. Public access is rate-limited. Partner API keys can unlock higher read limits and the extended Agent Card.
| agent.signature_status | Return the current Signed Agent Card publish-ready scaffold status, signing policy, reserved verification routes and rollout state. |
|---|---|
| get_purchase_options | Return the official pricing route, connect route and public plan options for a safe sales handoff. |
| get_checkout_instructions | Return plans, prices, checkout links, deliverables and the merchant-owned next step without taking payment automatically. |
| explain_plan_difference | Explain when standard setup is enough and when expert enhancement is a better fit. |
| profiles.search | Find public hub profiles by query, category or vertical. |
| profiles.get | Read one public canonical profile plus its permissions reference. |
| profiles.compare | Compare 2 to 5 companies without inventing missing facts. |
| get_registry_summary | Return a compact public summary of registry size, category mix and contact signal coverage. |
| site.check | Run the same AI-readiness diagnostic used by the website. |
| verify_site_placement | Check whether company-profile.json, llms.txt and agenthub.json are publicly reachable on a client website. |
| trust.explain | Explain verification status, provenance and missing trust signals. |
| packages.get | Read a public package manifest and install-file map. |
| request_profile_update | Return a guarded handoff only. Public write access is not enabled on AgntBase .com yet. |
| message/send | Simple text router: URL means site check, text means profile search. |
Compatibility aliases are accepted for some RF-style names: search_business_profiles, get_business_profile, compare_business_profiles, get_trust and get_signature_status.
Example
Search profiles
This is intentionally boring infrastructure. The point is reliability: structured input, structured output, strict guardrails.
{
"jsonrpc": "2.0",
"id": "search-1",
"method": "profiles.search",
"params": {
"query": "dentistry",
"limit": 3
}
}No private mutation
Profile edits, paid packages, outreach and CRM operations stay behind human-controlled product flows.
Partner layer later
Extended cards, signed cards, partner API keys, MCP-backed tools and human confirmation can be added without changing the public read-only contract.