Rare Guide

Start from the right path

Use Guide for the fastest Rare setup path. Open Docs when you need the full developer reference.

Platform Path

Platform integration guide

Start with public-only / quickstart for Rare login, local verification, and session handling. Move to full-mode / production only when you need platform registration, durable stores, full attestation, or negative event ingest.

Rare Platform Integration For Python

Start with the public-only quickstart. The first integration should only require:

  • one required environment variable: PLATFORM_AUD
  • two auth endpoints
  • one FastAPI session dependency or equivalent session helper

Quickstart

1. Install

pip install rare-platform-sdk

2. Bootstrap Rare from env

from rare_platform_sdk import (
    InMemoryChallengeStore,
    InMemoryReplayStore,
    InMemorySessionStore,
    create_rare_platform_kit_from_env,
)

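# In-memory stores live inside this process only, which is enough for the
# quickstart; durable shared stores are part of the full-mode upgrade.
challenge_store = InMemoryChallengeStore()
replay_store = InMemoryReplayStore()
session_store = InMemorySessionStore()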

kit = create_rare_platform_kit_from_env(
    challenge_store=challenge_store,
    replay_store=replay_store,
    session_store=session_store,
)

Default behavior:

  • reads PLATFORM_AUD
  • defaults RARE_BASE_URL to https://api.rareid.cc
  • auto-discovers RARE_SIGNER_PUBLIC_KEY_B64 from Rare JWKS when not set
  • derives PLATFORM_ID from PLATFORM_AUD for full-mode workflows

3. Add two auth endpoints

FastAPI is the preferred Python path:

from fastapi import FastAPI
from rare_platform_sdk import create_fastapi_rare_router_from_env

app = FastAPI()
app.include_router(
    create_fastapi_rare_router_from_env(
        challenge_store=challenge_store,
        replay_store=replay_store,
        session_store=session_store,
        prefix="/rare",
    )
)

4. Add session handling

For FastAPI:

from fastapi import Depends
from rare_platform_sdk import create_fastapi_session_dependency

require_rare_session = create_fastapi_session_dependency(session_store)

@app.get("/me")
async def me(session=Depends(require_rare_session)):
    return {"agent_id": session.agent_id}

For other Python frameworks, call resolve_platform_session(...) or read the bearer token and look up the session store directly.

Required Security Checks

These remain mandatory in quickstart and full-mode:

  • challenge nonce one-time use
  • delegation replay protection
  • identity attestation verification
  • triad consistency: auth_complete.agent_id == delegation.agent_id == attestation.sub
  • full token aud enforcement in full-mode
  • signed action verification against the delegated session key

Public-only mode caps effective governance at L1.
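
The nonce, replay and triad checks from the list above, written out as an added example; this is not rare-platform-sdk code. OneTimeStore, check_login, AuthRejected and the nonce, jti and exp field names are assumptions, and signature and attestation verification are assumed to have passed before this runs.

```python
import time
from typing import Optional


class AuthRejected(Exception):
    """Raised when a mandatory check fails."""


class OneTimeStore:
    """Hypothetical in-memory store keyed by nonce or delegation id."""

    def __init__(self) -> None:
        self._items: dict[str, float] = {}  # key -> expiry (epoch seconds)

    def put(self, key: str, expires_at: float) -> None:
        self._items[key] = expires_at

    def consume(self, key: str, now: float) -> bool:
        # pop() removes the key on first use, so a second use always fails.
        expires_at = self._items.pop(key, None)
        return expires_at is not None and now < expires_at

    def claim(self, key: str, expires_at: float, now: float) -> bool:
        # Replay guard: first claim of an unseen key succeeds, repeats fail.
        self._items = {k: e for k, e in self._items.items() if e > now}
        if key in self._items:
            return False
        self._items[key] = expires_at
        return True


def check_login(auth_complete: dict, delegation: dict, attestation: dict,
                challenges: OneTimeStore, replays: OneTimeStore,
                now: Optional[float] = None) -> str:
    """Inputs are assumed to be signature-verified already."""
    now = time.time() if now is None else now
    # 1. Burn the nonce before anything else, even if a later check fails.
    if not challenges.consume(auth_complete["nonce"], now):
        raise AuthRejected("challenge nonce unknown, expired, or already used")
    # 2. A delegation is accepted once within its lifetime.
    if delegation["exp"] <= now:
        raise AuthRejected("delegation expired")
    if not replays.claim(delegation["jti"], delegation["exp"], now):
        raise AuthRejected("delegation replayed")
    # 3. Triad consistency: all three identifiers must be the same agent.
    ids = {auth_complete["agent_id"], delegation["agent_id"], attestation["sub"]}
    if len(ids) != 1:
        raise AuthRejected("triad mismatch")
    return ids.pop()
```

With more than one worker process, consume and claim only hold if they are atomic operations on a store that all workers share.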

Full-Mode Upgrade

Move to full-mode when you need:

  • Rare platform registration
  • platform-bound full attestation
  • durable shared stores
  • negative event ingest

FastAPI remains the recommended Python integration path in full-mode as well.

Local Validation

rare register --name alice
rare login --aud <platform_aud> --platform-url http://127.0.0.1:<port>/rare --public-only