If the flagged items are :exploding_head: false positives
If items relate to a ... - binary file (or some other file you wouldn't want to check at all). Please add a file path to the `excludes.txt` file matching the containing file. File paths are Perl 5 Regular Expressions - you can [test](https://www.regexplanet.com/advanced/perl/) yours before committing to verify it will match your files. `^` refers to the file's path from the root of the repository, so `^README\.md$` would exclude `README.md` (on whichever branch you're using). - well-formed pattern. If you can write a [pattern](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples:-patterns) that would match it, try adding it to the `patterns.txt` file. Patterns are Perl 5 Regular Expressions - you can [test](https://www.regexplanet.com/advanced/perl/) yours before committing to verify it will match your lines. Note that patterns can't match multiline strings.
Agent2Agent (A2A) Protocol
A2A - Page Not Found
We are attempting to redirect you to the latest version of this page.
If you are not redirected automatically, please navigate to the A2A project homepage.
================================================ FILE: docs/README.md ================================================ # A2A DocsProtobuf
The normative A2A protocol definition in Protocol Buffers (proto3 syntax). This is the source of truth for the A2A protocol specification.Download
You can download the proto file directly: [`a2a.proto`](spec/a2a.proto)Definition
```protobuf --8<-- "docs/spec/a2a.proto" ``` === "JSON"JSON
The A2A protocol JSON Schema definition (JSON Schema 2020-12 compliant). This schema is automatically generated from the protocol buffer definitions and bundled into a single file with all message definitions.Download
You can download the schema file directly: [`a2a.json`](spec/a2a.json)Definition
```json --8<-- "docs/spec/a2a.json" ``` ================================================ FILE: docs/index.md ================================================ --- hide: - toc ---
Agent2Agent (A2A) Protocol
- :material-play-circle:{ .lg .middle } **Video** Intro in <8 min
- :material-play-circle:{ .lg .middle } **Course** [DeepLearning.AI](https://deeplearning.ai) - Intro to A2A
[](https://goo.gle/dlai-a2a)
- :material-book-open:{ .lg .middle } **Read the Introduction**
Understand the core ideas behind A2A.
[:octicons-arrow-right-24: What is A2A?](./topics/what-is-a2a.md)
[:octicons-arrow-right-24: Key Concepts](./topics/key-concepts.md)
- :material-file-document-outline:{ .lg .middle } **Dive into the Specification**
Explore the detailed technical definition of the A2A protocol.
[:octicons-arrow-right-24: Protocol Specification](./specification.md)
- :material-application-cog-outline:{ .lg .middle } **Follow the Tutorials**
Build your first A2A-compliant agent with our step-by-step Python quickstart.
[:octicons-arrow-right-24: Python Tutorial](./tutorials/python/1-introduction.md)
[:octicons-arrow-right-24: Walkthrough with AI Agent Frameworks](https://github.com/holtskinner/A2AWalkthrough)
- :material-code-braces:{ .lg .middle } **Explore Code Samples**
See A2A in action with sample clients, servers, and agent framework integrations.
[:fontawesome-brands-github: GitHub Samples](https://github.com/a2aproject/a2a-samples)
- :material-code-braces:{ .lg .middle } **Download the Official SDKs**
[:fontawesome-brands-python: Python](https://github.com/a2aproject/a2a-python)
[:fontawesome-brands-js: JavaScript](https://github.com/a2aproject/a2a-js)
[:fontawesome-brands-java: Java](https://github.com/a2aproject/a2a-java)
[:octicons-code-24: C#/.NET](https://github.com/a2aproject/a2a-dotnet)
[:fontawesome-brands-golang: Golang](https://github.com/a2aproject/a2a-go)
## Why use the A2A Protocol
```mermaid
graph LR
User(🧑💻 User) <--> ClientAgent(🤖 Client Agent)
ClientAgent --> A2A1(**↔️ A2A**) --> RemoteAgent1(🤖 Remote Agent 1)
ClientAgent --> A2A2(**↔️ A2A**) --> RemoteAgent2(🤖 Remote Agent 2)
style User fill:#fdebd0,stroke:#e67e22,stroke-width:2px
style ClientAgent fill:#d6eaf8,stroke:#3498db,stroke-width:2px
style RemoteAgent1 fill:#d6eaf8,stroke:#3498db,stroke-width:2px
style RemoteAgent2 fill:#d6eaf8,stroke:#3498db,stroke-width:2px
style A2A1 fill:#ebedef,stroke:#909497,stroke-width:2px
style A2A2 fill:#ebedef,stroke:#909497,stroke-width:2px
```
- :material-account-group-outline:{ .lg .middle } **Interoperability**
Connect agents built on different platforms (LangGraph, CrewAI, Semantic Kernel, custom solutions) to create powerful, composite AI systems.
- :material-lan-connect:{ .lg .middle } **Complex Workflows**
Enable agents to delegate sub-tasks, exchange information, and coordinate actions to solve complex problems that a single agent cannot.
- :material-shield-key-outline:{ .lg .middle } **Secure & Opaque**
Agents interact without needing to share internal memory, tools, or proprietary logic, ensuring security and preserving intellectual property.
---
## How does A2A work with MCP?
{width="60%"}
{style="text-align: center; margin-bottom:1em; margin-top:1em;"}
A2A and [Model Context Protocol (MCP)](https://modelcontextprotocol.io/) are complementary standards for building robust agentic applications:
- **Model Context Protocol (MCP)**: Provides [agent-to-tool communication](https://cloud.google.com/discover/what-is-model-context-protocol). It's a complementary standard that standardizes how an agent connects to its tools, APIs, and resources to get information.
- **IBM ACP**: [Incorporated into the A2A Protocol](https://github.com/orgs/i-am-bee/discussions/5)
- **Cisco agntcy**: A framework that provides components to the Internet of Agents with discovery, group communication, identity and observability and leverages A2A and MCP for agent communication and tool calling.
- **A2A**: Provides agent-to-agent communication. As a universal, decentralized standard, A2A acts as the public internet that allows [ai agents](https://cloud.google.com/discover/what-are-ai-agents)—including those using MCP, or built with frameworks like agntcy—to interoperate, collaborate, and share their findings.
================================================
FILE: docs/llms.txt
================================================
# A2A (Agent2Agent) Protocol High-Level Summary
This project defines the **Agent2Agent (A2A) protocol**, an open standard initiated by Google and donated to the Linux Foundation, designed to enable communication and interoperability between disparate AI agent systems. It allows agents built on different frameworks (e.g., LangGraph, CrewAI, Google ADK, Genkit) to discover each other's capabilities, negotiate interaction modes, and collaborate on tasks securely without exposing internal state.
The repository contains:
1. **Formal Specification:** Protobuf definitions (`specification/a2a.proto`) and JSON Schema (`specification/json/a2a.json`).
2. **Core Concepts Documentation:** Guides on discovery, task lifecycle, streaming, and enterprise-readiness (`docs/topics/`).
3. **SDKs:** Production-ready SDKs for Python, JS/TS, Java, Go, and .NET.
4. **Sample Implementations:** Real-world examples integrated with various agent frameworks.
## Key Files & Directories
- `specification/a2a.proto`: The authoritative Protobuf definition of the protocol.
- `docs/topics/`: Detailed conceptual guides (Discovery, Lifecycle, Security, etc.).
- `docs/tutorials/`: Step-by-step guides for building A2A-compliant agents.
- `scripts/`: Utility scripts for building documentation and formatting.
# A2A (Agent2Agent) Protocol Reference
## 1. Overview
- **Purpose:** Open standard for agent-to-agent interoperability.
- **Communication Bindings:** Supports JSON-RPC 2.0 (HTTP/SSE), gRPC, and HTTP/REST.
- **Key Concepts:** Agent Cards for discovery, Task-based execution, Multi-turn Messages, and Artifact outputs.
## 2. Core Data Objects
### 2.1 AgentCard (`/.well-known/agent-card.json`)
Describes an agent's identity and capabilities.
- `name`, `description`, `version`: Identity metadata.
- `supported_interfaces`: List of `AgentInterface` (URL, protocol binding, tenant, protocol version).
- `capabilities`: `streaming`, `push_notifications`, `extended_agent_card`, `extensions`.
- `skills`: List of `AgentSkill` (id, name, description, tags, examples).
- `security_schemes`, `security_requirements`: Authentication configuration (API Key, OAuth2, OIDC, mTLS, HTTP Auth).
- `default_input_modes`, `default_output_modes`: Supported MIME types (e.g., `text/plain`, `application/json`).
### 2.2 Task
Represents a stateful unit of work.
- `id`, `context_id`: Identifiers for the task and its conversational context.
- `status`: `TaskStatus` (state, message, timestamp).
- `artifacts`: List of `Artifact` (outputs produced).
- `history`: List of `Message` (conversation history).
- `metadata`: Custom structured data.
### 2.3 TaskState (Enum)
- `SUBMITTED`, `WORKING`, `COMPLETED` (terminal), `FAILED` (terminal), `CANCELED` (terminal), `REJECTED` (terminal), `INPUT_REQUIRED` (interrupted), `AUTH_REQUIRED` (interrupted).
### 2.4 Message & Part
- `Message`: Contains `message_id`, `role` (USER/AGENT), `parts`, `context_id`, `task_id`, `reference_task_ids`.
- `Part`: Union type containing `text`, `raw` (bytes), `url`, or `data` (JSON). Includes `media_type` and `filename`.
### 2.5 Artifact
- A tangible output from a task, containing one or more `Part`s and metadata.
## 3. RPC Methods
| Method | Request | Response | Description |
| :--- | :--- | :--- | :--- |
| `SendMessage` | `SendMessageRequest` | `SendMessageResponse` | Initiates or continues a task. |
| `SendStreamingMessage` | `SendMessageRequest` | `stream StreamResponse` | Sends message and receives real-time SSE updates. |
| `GetTask` | `GetTaskRequest` | `Task` | Retrieves current task state. |
| `ListTasks` | `ListTasksRequest` | `ListTasksResponse` | Filter and paginate tasks. |
| `CancelTask` | `CancelTaskRequest` | `Task` | Requests cancellation of a task. |
| `SubscribeToTask` | `SubscribeToTaskRequest` | `stream StreamResponse` | Subscribes to updates for an existing task. |
| `GetExtendedAgentCard` | `GetExtendedAgentCardRequest` | `AgentCard` | Fetches detailed metadata after authentication. |
### 3.1 Streaming Events (`StreamResponse`)
Streams return a payload containing one of:
- `task`: Full task state.
- `message`: A discrete message part.
- `status_update`: `TaskStatusUpdateEvent` (taskId, contextId, status).
- `artifact_update`: `TaskArtifactUpdateEvent` (taskId, artifact, append, last_chunk).
## 4. Security & Authentication
- **Transport:** HTTPS/TLS required for production.
- **Authentication:** Declared in `AgentCard` via OpenAPI-style security schemes.
- **Push Notifications:** Webhooks secured via authentication tokens/schemes configured per task.
## 5. Implementation Status
- **Official SDKs:** Python (`a2a-sdk`), JS/TS (`@a2a-js/sdk`), Java, Go, C#/.NET.
- **Integrations:** LangGraph, CrewAI, Google ADK, Genkit, AG2, BeeAI, PydanticAI, and more.
================================================
FILE: docs/partners.md
================================================
# Partners
Below is a list of partners (and a link to their A2A announcement or blog post,
if available) who are part of the A2A community and are helping build, codify,
and adopt A2A as the standard protocol for AI agents to communicate and
collaborate effectively with each other and with users.
- [A2A Net](https://a2anet.com)
- [Accelirate Inc](https://www.accelirate.com)
- [Accenture](https://www.accenture.com)
- [Activeloop](https://www.activeloop.ai/)
- [Adobe](https://www.adobe.com)
- [AG2AI](https://ag2.ai)
- [AgentTrust](https://agenttrust.ai/)
- [AI21 Labs](https://www.ai21.com/)
- [AI71](https://ai71.ai/)
- [Aisera](https://aisera.com/)
- [AliCloud](http://www.alibabacloud.com)
- [Almawave.it](https://www.almawave.com/it/)
- [AmikoNet](https://amikonet.ai)
- [ArcBlock](http://www.arcblock.io)
- [Arize](https://arize.com/blog/arize-ai-and-future-of-agent-interoperability-embracing-googles-a2a-protocol/)
- [Articul8](https://www.articul8.ai/blog/unleashing-the-next-frontier-of-enterprise-ai-introducing-model-mesh-dock-and-inter-lock-and-our-a2-a-partnership-with-google)
- [ask-ai.com](https://ask-ai.com)
- [Atlassian](https://www.atlassian.com)
- [Auth0](https://auth0.com/blog/auth0-google-a2a/)
- [Autodesk](https://www.autodesk.com)
- [AWS](https://aws.amazon.com/)
- [Beekeeper](http://beekeeper.io)
- [BCG](https://www.bcg.com)
- [Block Inc](https://block.xyz/)
- [Bloomberg LP](https://techatbloomberg.com/)
- [BLUEISH Inc](https://www.blueish.co.jp/)
- [BMC Software Inc](https://www.bmc.com/it-solutions/bmc-helix.html)
- [Boomi](https://boomi.com/)
- [Box](https://www.box.com)
- [Bridge2Things Automation Process GmbH](http://bridge2things.at)
- [Cafe 24](https://www.cafe24corp.com/en/company/about)
- [C3 AI](https://c3.ai)
- [Capgemini](https://www.capgemini.com)
- [Chronosphere](https://chronosphere.io)
- [Cisco](https://www.cisco.com/)
- [Codimite PTE LTD](https://codimite.ai/)
- [Cognigy](https://www.cognigy.com/)
- [Cognizant](https://www.cognizant.com)
- [Cohere](https://cohere.com)
- [Collibra](https://www.collibra.com)
- [Confluent](https://developer.confluent.io)
- [Contextual](https://contextual.ai)
- [Cotality](https://cotality.com) (fka Corelogic)
- [Crubyt](https://www.crubyt.com)
- [Cyderes](http://www.cyderes.com)
- [Datadog](https://www.datadoghq.com)
- [DataRobot](https://www.datarobot.com)
- [DataStax](https://www.datastax.com)
- [Decagon.ai](https://decagon.ai)
- [Deloitte](https://www.prnewswire.com/news-releases/deloitte-expands-alliances-with-google-cloud-and-servicenow-to-accelerate-agentic-ai-adoption-in-the-enterprise-302423941.html)
- [Devnagri](https://devnagri.com)
- [Deutsche Telekom](https://www.telekom.com/en)
- [Dexter Tech Labs](http://www.dextertechlabs.com)
- [Distyl.ai](https://distyl.ai)
- [Elastic](https://www.elastic.co)
- [Ema.co](https://ema.co)
- [EPAM](https://www.epam.com)
- [Eviden (Atos Group)](https://atos.net/)
- [fractal.ai](https://fractal.ai/new)
- [GenAI Nebula9.ai Solutions Pvt Ltd](http://nebula9.ai)
- [Glean](https://www.glean.com)
- [Global Logic](https://www.globallogic.com/)
- [Gravitee](https://www.gravitee.io/)
- [GrowthLoop](https://growthloop.com)
- [Guru](http://www.getguru.com)
- [Harness](https://harness.io)
- [HCLTech](https://www.hcltech.com)
- [Headwaters](https://www.headwaters.co.jp)
- [Hellotars](https://hellotars.com)
- [Hexaware](https://hexaware.com/)
- [HUMAN](https://www.humansecurity.com/)
- [IBM Research](https://lfaidata.foundation/communityblog/2025/08/29/acp-joins-forces-with-a2a-under-the-linux-foundations-lf-ai-data/)
- [Incorta](https://www.incorta.com)
- [Infinitus](https://www.infinitus.ai/)
- [InfoSys](https://www.infosys.com)
- [Intuit](https://www.intuit.com)
- [Iron Mountain](https://www.ironmountain.com/)
- [JamJet](https://github.com/jamjet-labs/jamjet)
- [JetBrains](https://www.jetbrains.com)
- [JFrog](https://jfrog.com)
- [Kakao](https://www.kakaocorp.com)
- [King's College London](https://www.kcl.ac.uk/informatics)
- [KPMG](https://kpmg.com/us/en/media/news/kpmg-google-cloud-alliance-expansion-agentspace-adoption.html)
- [Kyndryl](http://www.kyndryl.com)
- [LabelBox](https://labelbox.com)
- [LangChain](https://www.langchain.com)
- [LG CNS](http://www.lgcns.com)
- [Livex.ai](https://livex.ai)
- [LlamaIndex](https://x.com/llama_index/status/1912949446322852185)
- [LTIMindTtree](https://www.ltimindtree.com)
- [Lumeris](https://www.lumeris.com/)
- [Lyzr.ai](https://lyzr.ai)
- [Magyar Telekom](https://www.telekom.hu/)
- [MasOrange](https://masorange.es/en/)
- [Microsoft](https://www.microsoft.com/en-us/microsoft-cloud/blog/2025/05/07/empowering-multi-agent-apps-with-the-open-agent2agent-a2a-protocol/)
- [MindsDB](https://mindsdb.com/blog/mindsdb-now-supports-the-agent2agent-(a2a)-protocol)
- [McKinsey](https://www.mckinsey.com)
- [MongoDB](https://www.mongodb.com)
- [Monite](https://monite.com/)
- [Neo4j](https://neo4j.com)
- [New Relic](https://newrelic.com)
- [Nisum](http://www.nisum.com)
- [Noorle Inc](http://www.noorle.com)
- [NTT DATA](https://www.nttdata.com)
- [Optimizely Inc](https://www.optimizely.com/)
- [Oracle / NetSuite](https://www.oracle.com/netsuite)
- [Palo Alto Networks](https://www.paloaltonetworks.com/)
- [PancakeAI](https://www.pancakeai.tech/)
- [ParkourSC](https://www.parkoursc.com/)
- [Pendo](https://www.pendo.io)
- [PerfAI.ai](https://perfai.ai)
- [Personal AI](https://personal.ai)
- [Pinchwork](https://pinchwork.dev)
- [Poppulo](https://www.poppulo.com/blog/poppulo-google-a2a-the-future-of-workplace-communication)
- [Productive Edge](https://www.productiveedge.com/)
- [Proofs](https://proofs.io)
- [Publicis Sapient](https://www.publicissapient.com/)
- [PWC](https://www.pwc.com)
- [Quantiphi](https://www.quantiphi.com)
- [Radix](https://radix.website/)
- [RagaAI Inc](https://raga.ai/)
- [Red Hat](https://www.redhat.com)
- [Reltio Inc](http://www.reltio.com)
- [S&P](https://www.spglobal.com)
- [Sage](https://www.sage.com/en-us/)
- [Salesforce](https://www.salesforce.com)
- [SAP](https://news.sap.com/2025/04/sap-google-cloud-enterprise-ai-open-agent-collaboration-model-choice-multimodal-intelligence/)
- [Sayone Technologies](https://www.sayonetech.com/)
- [ServiceNow](https://www.servicenow.com)
- [Siemens AG](https://siemens.com/)
- [SoftBank Corp](https://www.softbank.jp/en//)
- [Solace](https://solace.com/products/agent-mesh/)
- [Solo.io](https://www.solo.io/)
- [Stacklok, Inc](https://stacklok.com)
- [Supertab](https://www.supertab.co/post/supertab-connect-partners-with-google-cloud-to-enable-ai-agents)
- [Suzega](https://suzega.com/)
- [TCS](https://www.tcs.com)
- [Tech Mahindra](https://www.techmahindra.com/)
- [Telefonica](https://www.telefonica.com/)
- [Test Innovation Technology](https://www.test-it.com)
- [the artinet project](https://artinet.io/)
- [Think41](http://www.think41.com)
- [Thoughtworks](https://www.thoughtworks.com/)
- [Tredence](http://www.tredence.com)
- [Two Tall Totems Ltd. DBA TTT Studios](https://ttt.studio)
- [Typeface](https://typeface.ai)
- [UKG](https://www.ukg.com)
- [UiPath](https://www.uipath.com/newsroom/uipath-launches-first-enterprise-grade-platform-for-agentic-automation)
- [Upwork, Inc.](https://www.upwork.com/)
- [Ushur, Inc.](http://ushur.ai)
- [Valle AI](http://www.valleai.com.br)
- [Valtech](https://www.valtech.com/)
- [Vervelo](https://www.vervelo.com/)
- [VoltAgent](https://voltagent.dev/)
- [Weights & Biases](https://wandb.ai/wandb_fc/product-announcements-fc/reports/Powering-Agent-Collaboration-Weights-Biases-Partners-with-Google-Cloud-on-Agent2Agent-Interoperability-Protocol---VmlldzoxMjE3NDg3OA)
- [Wipro](https://www.wipro.com)
- [Workday](https://www.workday.com)
- [WritBase](https://github.com/Writbase/writbase)
- [Writer](https://writer.com)
- [Zenity](https://zenity.io)
- [Zeotap](https://www.zeotap.com)
- [Zocket Technologies , Inc.](https://zocket.ai)
- [Zoom](https://www.zoom.us)
- [zyprova](http://www.zyprova.com)
================================================
FILE: docs/roadmap.md
================================================
# A2A protocol roadmap
**Last updated:** March 10, 2026
## Near-term initiatives
- Release `1.0` version of the protocol which represents significant maturation of the protocol with enhanced clarity, stronger specifications, and important structural improvements.
- [What's New in A2A Protocol v1.0](https://a2a-protocol.org/latest/whats-new-v1/) has further updates.
- Continue to support additional [A2A extensions](topics/extensions.md) with SDK support.
- Prioritize community-led development with standardized processes for contributing to the specification, SDKs and tooling.
To review recent protocol changes see [Release Notes](https://github.com/a2aproject/A2A/releases).
## Longer term (3-6 month period) roadmap
### Governance
The TSC looks to streamline opportunities for contribution through [A2A extensions](topics/extensions.md), [Samples](https://github.com/a2aproject/a2a-samples) and participation.
### Validation
As the A2A ecosystem matures, it becomes critical for the A2A community to have tools to validate their agents. The community has launched two efforts to help with validation. Learn more about [A2A Inspector](https://github.com/a2aproject/a2a-inspector) and the [A2A Protocol Technology Compatibility Kit](https://github.com/a2aproject/a2a-tck) (TCK).
### SDKs
A2A Project currently hosts SDKs in five languages (Python, Go, JS, Java, .NET).
### Community best practices
As companies and individuals deploy A2A systems at an increasing pace, we are looking to accelerate the learning of the community by collecting and sharing the best practices and success stories that A2A enabled.
================================================
FILE: docs/robots.txt
================================================
# Allow all crawlers to access the entire site.
User-agent: *
Allow: /
# Generative AI and LLM crawlers
User-agent: GPTBot
Allow: /
User-agent: ChatGPT-User
Allow: /
User-agent: ClaudeBot
Allow: /
User-agent: Claude-Web
Allow: /
User-agent: PerplexityBot
Allow: /
User-agent: FacebookBot
Allow: /
User-agent: Applebot
Allow: /
User-agent: PerplexityBot
Allow: /
User-agent: Google-Extended
Allow: /
User-agent: GoogleOther
Allow: /
User-agent: DuckAssistBot
Allow: /
Sitemap: https://a2a-protocol.org/latest/sitemap.xml
================================================
FILE: docs/sdk/index.md
================================================
# A2A SDK
A2A currently hosts SDKs in five languages (Python, Go, JS, Java, .NET).
The following table lists the supported languages and their stability.
| Language | Support |
| :--------- | :------- |
| Python | [Stable](https://github.com/a2aproject/a2a-python) |
| Go | [Stable](https://github.com/a2aproject/a2a-go) |
| Java | [Stable](https://github.com/a2aproject/a2a-java) |
| JavaScript | [Stable](https://github.com/a2aproject/a2a-js) |
| C#/.NET | [Stable](https://github.com/a2aproject/a2a-dotnet) |
The A2A project provides numerous samples across supported languages in the [a2a-samples repository](https://github.com/a2aproject/a2a-samples).
================================================
FILE: docs/sdk/python.md
================================================
---
redirect: python/api/index.html
---
# Python SDK
Redirecting to [API reference](python/api/index.html)...
================================================
FILE: docs/specification.md
================================================
# Agent2Agent (A2A) Protocol Specification
??? note "**Latest Released Version** [`1.0.0`](https://a2a-protocol.org/v1.0.0/specification)"
**Previous Versions**
- [`0.3.0`](https://a2a-protocol.org/v0.3.0/specification)
- [`0.2.6`](https://a2a-protocol.org/v0.2.6/specification)
- [`0.1.0`](https://a2a-protocol.org/v0.1.0/specification)
See [Release Notes](https://github.com/a2aproject/A2A/releases) for changes made between versions.
## 1. Introduction
The Agent2Agent (A2A) Protocol is an open standard designed to facilitate communication and interoperability between independent, potentially opaque AI agent systems. In an ecosystem where agents might be built using different frameworks, languages, or by different vendors, A2A provides a common language and interaction model.
This document provides the detailed technical specification for the A2A protocol. Its primary goal is to enable agents to:
- Discover each other's capabilities.
- Negotiate interaction modalities (text, files, structured data).
- Manage collaborative tasks.
- Securely exchange information to achieve user goals **without needing access to each other's internal state, memory, or tools.**
### 1.1. Key Goals of A2A
- **Interoperability:** Bridge the communication gap between disparate agentic systems.
- **Collaboration:** Enable agents to delegate tasks, exchange context, and work together on complex user requests.
- **Discovery:** Allow agents to dynamically find and understand the capabilities of other agents.
- **Flexibility:** Support various interaction modes including synchronous request/response, streaming for real-time updates, and asynchronous push notifications for long-running tasks.
- **Security:** Facilitate secure communication patterns suitable for enterprise environments, relying on standard web security practices.
- **Asynchronicity:** Natively support long-running tasks and interactions that may involve human-in-the-loop scenarios.
### 1.2. Guiding Principles
- **Simple:** Reuse existing, well-understood standards (HTTP, JSON-RPC 2.0, Server-Sent Events).
- **Enterprise Ready:** Address authentication, authorization, security, privacy, tracing, and monitoring by aligning with established enterprise practices.
- **Async First:** Designed for (potentially very) long-running tasks and human-in-the-loop interactions.
- **Modality Agnostic:** Support exchange of diverse content types including text, audio/video (via file references), structured data/forms, and potentially embedded UI components (e.g., iframes referenced in parts).
- **Opaque Execution:** Agents collaborate based on declared capabilities and exchanged information, without needing to share their internal thoughts, plans, or tool implementations.
For a broader understanding of A2A's purpose and benefits, see [What is A2A?](./topics/what-is-a2a.md).
### 1.3. Specification Structure
This specification is organized into three distinct layers that work together to provide a complete protocol definition:
```mermaid
graph TB
subgraph L1 ["A2A Data Model"]
direction LR
A[Task] ~~~ B[Message] ~~~ C[AgentCard] ~~~ D[Part] ~~~ E[Artifact] ~~~ F[Extension]
end
subgraph L2 ["A2A Operations"]
direction LR
G[Send Message] ~~~ H[Stream Message] ~~~ I[Get Task] ~~~ J[List Tasks] ~~~ K[Cancel Task] ~~~ L[Get Agent Card]
end
subgraph L3 ["Protocol Bindings"]
direction LR
M[JSON-RPC Methods] ~~~ N[gRPC RPCs] ~~~ O[HTTP/REST Endpoints] ~~~ P[Custom Bindings]
end
%% Dependencies between layers
L1 --> L2
L2 --> L3
style A fill:#e1f5fe
style B fill:#e1f5fe
style C fill:#e1f5fe
style D fill:#e1f5fe
style E fill:#e1f5fe
style F fill:#e1f5fe
style G fill:#f3e5f5
style H fill:#f3e5f5
style I fill:#f3e5f5
style J fill:#f3e5f5
style K fill:#f3e5f5
style L fill:#f3e5f5
style M fill:#e8f5e8
style N fill:#e8f5e8
style O fill:#e8f5e8
style L1 fill:#f0f8ff,stroke:#333,stroke-width:2px
style L2 fill:#faf0ff,stroke:#333,stroke-width:2px
style L3 fill:#f0fff0,stroke:#333,stroke-width:2px
```
**Layer 1: Canonical Data Model** defines the core data structures and message formats that all A2A implementations must understand. These are protocol agnostic definitions expressed as Protocol Buffer messages.
**Layer 2: Abstract Operations** describes the fundamental capabilities and behaviors that A2A agents must support, independent of how they are exposed over specific protocols.
**Layer 3: Protocol Bindings** provides concrete mappings of the abstract operations and data structures to specific protocol bindings (JSON-RPC, gRPC, HTTP/REST), including method names, endpoint patterns, and protocol-specific behaviors.
This layered approach ensures that:
- Core semantics remain consistent across all protocol bindings
- New protocol bindings can be added without changing the fundamental data model
- Developers can reason about A2A operations independently of binding concerns
- Interoperability is maintained through shared understanding of the canonical data model
### 1.4 Normative Content
In addition to the protocol requirements defined in this document, the file `spec/a2a.proto` is the single authoritative normative definition of all protocol data objects and request/response messages. A generated JSON artifact (`spec/a2a.json`, produced at build time and not committed) MAY be published for convenience to tooling and the website, but it is a non-normative build artifact. SDK language bindings, schemas, and any other derived forms **MUST** be regenerated from the proto (directly or via code generation) rather than edited manually.
**Change Control and Deprecation Lifecycle:**
- Introduction: When a proto message or field is renamed, the new name is added while existing published names remain available, but marked deprecated, until the next major release.
- Documentation: Migration guidance MUST be provided via an ancillary document when introducing major breaking changes.
- Anchors: Legacy documentation anchors MUST be preserved (as hidden HTML anchors) to avoid breaking inbound links.
- SDK/Schema Aliases: SDKs and JSON Schemas SHOULD provide deprecated alias types/definitions to maintain backward compatibility.
- Removal: A deprecated name SHOULD NOT be removed earlier than the next major version after introduction of its replacement.
**Automated Generation:**
The documentation build generates `specification/json/a2a.json` on-the-fly (the file is not tracked in source control). Future improvements may publish an OpenAPI v3 + JSON Schema bundle for enhanced tooling.
**Rationale:**
Centering the proto file as the normative source ensures protocol neutrality, reduces specification drift, and provides a deterministic evolution path for the ecosystem.
## 2. Terminology
### 2.1. Requirements Language
The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC 2119](https://tools.ietf.org/html/rfc2119).
### 2.2. Core Concepts
A2A revolves around several key concepts. For detailed explanations, please refer to the [Key Concepts guide](./topics/key-concepts.md).
- **A2A Client:** An application or agent that initiates requests to an A2A Server on behalf of a user or another system.
- **A2A Server (Remote Agent):** An agent or agentic system that exposes an A2A-compliant endpoint, processing tasks and providing responses.
- **Agent Card:** A JSON metadata document published by an A2A Server, describing its identity, capabilities, skills, service endpoint, and authentication requirements.
- **Message:** A communication turn between a client and a remote agent, having a `role` ("user" or "agent") and containing one or more `Parts`.
- **Task:** The fundamental unit of work managed by A2A, identified by a unique ID. Tasks are stateful and progress through a defined lifecycle.
- **Part:** The smallest unit of content within a Message or Artifact. Parts can contain text, file references, or structured data.
- **Artifact:** An output (e.g., a document, image, structured data) generated by the agent as a result of a task, composed of `Parts`.
- **Streaming:** Real-time, incremental updates for tasks (status changes, artifact chunks) delivered via protocol-specific streaming mechanisms.
- **Push Notifications:** Asynchronous task updates delivered via server-initiated HTTP POST requests to a client-provided webhook URL, for long-running or disconnected scenarios.
- **Context:** An optional identifier to logically group related tasks and messages.
- **Extension:** A mechanism for agents to provide additional functionality or data beyond the core A2A specification.
## 3. A2A Protocol Operations
This section describes the core operations of the A2A protocol in a binding-independent manner. These operations define the fundamental capabilities that all A2A implementations must support, regardless of the underlying binding mechanism.
### 3.1. Core Operations
The following operations define the fundamental capabilities that all A2A implementations must support, independent of the specific protocol binding used. For a quick reference mapping of these operations to protocol-specific method names and endpoints, see [Section 5.3 (Method Mapping Reference)](#53-method-mapping-reference). For detailed protocol-specific implementation details, see:
- [Section 9: JSON-RPC Protocol Binding](#9-json-rpc-protocol-binding)
- [Section 10: gRPC Protocol Binding](#10-grpc-protocol-binding)
- [Section 11: HTTP+JSON/REST Protocol Binding](#11-httpjsonrest-protocol-binding)
#### 3.1.1. Send Message
The primary operation for initiating agent interactions. Clients send a message to an agent and receive either a task that tracks the processing or a direct response message.
**Inputs:**
- [`SendMessageRequest`](#321-sendmessagerequest): Request object containing the message, configuration, and metadata
**Outputs:**
- [`Task`](#411-task): A task object representing the processing of the message, OR
- [`Message`](#414-message): A direct response message (for simple interactions that don't require task tracking)
**Errors:**
- [`ContentTypeNotSupportedError`](#332-error-handling): A Media Type provided in the request's message parts is not supported by the agent.
- [`UnsupportedOperationError`](#332-error-handling): Messages sent to Tasks that are in a terminal state (e.g., completed, canceled, rejected) cannot accept further messages.
- [`TaskNotFoundError`](#332-error-handling): The task ID does not exist or is not accessible.
**Behavior:**
The agent MAY create a new `Task` to process the provided message asynchronously or MAY return a direct `Message` response for simple interactions. The operation MUST return immediately with either task information or response message. Task processing MAY continue asynchronously after the response when a [`Task`](#411-task) is returned.
#### 3.1.2. Send Streaming Message
Similar to Send Message but with real-time streaming of updates during processing.
**Inputs:**
- [`SendMessageRequest`](#321-sendmessagerequest): Request object containing the message, configuration, and metadata
**Outputs:**
- [`Stream Response`](#323-stream-response) object containing:
- Initial response: [`Task`](#411-task) object OR [`Message`](#414-message) object
- Subsequent events following a `Task` MAY include stream of [`TaskStatusUpdateEvent`](#421-taskstatusupdateevent) and [`TaskArtifactUpdateEvent`](#422-taskartifactupdateevent) objects
- Final completion indicator
**Errors:**
- [`UnsupportedOperationError`](#332-error-handling): Streaming is not supported by the agent (see [Capability Validation](#334-capability-validation)).
- [`UnsupportedOperationError`](#332-error-handling): Messages sent to Tasks that are in a terminal state (e.g., completed, canceled, rejected) cannot accept further messages.
- [`ContentTypeNotSupportedError`](#332-error-handling): A Media Type provided in the request's message parts is not supported by the agent.
- [`TaskNotFoundError`](#332-error-handling): The task ID does not exist or is not accessible.
**Behavior:**
The operation MUST establish a streaming connection for real-time updates. The stream MUST follow one of these patterns:
1. **Message-only stream:** If the agent returns a [`Message`](#414-message), the stream MUST contain exactly one `Message` object and then close immediately. No task tracking or updates are provided.
2. **Task lifecycle stream:** If the agent returns a [`Task`](#411-task), the stream MUST begin with the Task object, followed by zero or more [`TaskStatusUpdateEvent`](#421-taskstatusupdateevent) or [`TaskArtifactUpdateEvent`](#422-taskartifactupdateevent) objects. The stream MUST close when the task reaches a terminal state (e.g. completed, failed, canceled, rejected).
The agent MAY return a `Task` for complex processing with status/artifact updates or MAY return a `Message` for direct streaming responses without task overhead. The implementation MUST provide immediate feedback on progress and intermediate results.
#### 3.1.3. Get Task
Retrieves the current state (including status, artifacts, and optionally history) of a previously initiated task. This is typically used for polling the status of a task initiated with message/send, or for fetching the final state of a task after being notified via a push notification or after a stream has ended.
**Inputs:**
{{ proto_to_table("GetTaskRequest") }}
See [History Length Semantics](#324-history-length-semantics) for details about `historyLength`.
**Outputs:**
- [`Task`](#411-task): Current state and artifacts of the requested task
**Errors:**
- [`TaskNotFoundError`](#332-error-handling): The task ID does not exist or is not accessible.
#### 3.1.4. List Tasks
Retrieves a list of tasks with optional filtering and pagination capabilities. This method allows clients to discover and manage multiple tasks across different contexts or with specific status criteria.
**Inputs:**
{{ proto_to_table("ListTasksRequest") }}
When `includeArtifacts` is false (the default), the artifacts field MUST be omitted entirely from each Task object in the response. The field should not be present as an empty array or null value. When `includeArtifacts` is true, the artifacts field should be included with its actual content (which may be an empty array if the task has no artifacts).
**Outputs:**
{{ proto_to_table("ListTasksResponse") }}
Note on `nextPageToken`: The `nextPageToken` field MUST always be present in the response. When there are no more results to retrieve (i.e., this is the final page), the field MUST be set to an empty string (""). Clients should check for an empty string to determine if more pages are available.
**Errors:**
None specific to this operation beyond standard protocol errors.
**Behavior:**
The operation MUST return only tasks visible to the authenticated client and MUST use cursor-based pagination for performance and consistency. Tasks MUST be sorted by last update time in descending order. Implementations MUST implement appropriate authorization scoping to ensure clients can only access authorized tasks. See [Section 13.1 Data Access and Authorization Scoping](#131-data-access-and-authorization-scoping) for detailed security requirements.
***Pagination Strategy:***
This method uses cursor-based pagination (via `pageToken`/`nextPageToken`) rather than offset-based pagination for better performance and consistency, especially with large datasets. Cursor-based pagination avoids the "deep pagination problem" where skipping large numbers of records becomes inefficient for databases. This approach is consistent with the gRPC specification, which also uses cursor-based pagination (page_token/next_page_token).
***Ordering:***
Implementations MUST return tasks sorted by their status timestamp time in descending order (most recently updated tasks first). This ensures consistent pagination and allows clients to efficiently monitor recent task activity.
#### 3.1.5. Cancel Task
Requests the cancellation of an ongoing task. The server will attempt to cancel the task, but success is not guaranteed (e.g., the task might have already completed or failed, or cancellation might not be supported at its current stage).
**Inputs:**
{{ proto_to_table("CancelTaskRequest") }}
**Outputs:**
- Updated [`Task`](#411-task) with cancellation status
**Errors:**
- [`TaskNotCancelableError`](#332-error-handling): The task is not in a cancelable state (e.g., already completed, failed, or canceled).
- [`TaskNotFoundError`](#332-error-handling): The task ID does not exist or is not accessible.
**Behavior:**
The operation attempts to cancel the specified task and returns its updated state.
#### 3.1.6. Subscribe to Task
Establishes a streaming connection to receive updates for an existing task.
**Inputs:**
{{ proto_to_table("SubscribeToTaskRequest") }}
**Outputs:**
- [`Stream Response`](#323-stream-response) object containing:
- Initial response: [`Task`](#411-task) object with current state
- Stream of [`TaskStatusUpdateEvent`](#421-taskstatusupdateevent) and [`TaskArtifactUpdateEvent`](#422-taskartifactupdateevent) objects
**Errors:**
- [`UnsupportedOperationError`](#332-error-handling): Streaming is not supported by the agent (see [Capability Validation](#334-capability-validation)).
- [`TaskNotFoundError`](#332-error-handling): The task ID does not exist or is not accessible.
- [`UnsupportedOperationError`](#332-error-handling): The operation is attempted on a task that is in a terminal state (`completed`, `failed`, `canceled`, or `rejected`).
**Behavior:**
The operation enables real-time monitoring of task progress and can be used with any task that is not in a terminal state. The stream MUST terminate when the task reaches a terminal state (`completed`, `failed`, `canceled`, or `rejected`).
The operation MUST return a `Task` object as the first event in the stream, representing the current state of the task at the time of subscription. This prevents a potential loss of information between a call to `GetTask` and calling `SubscribeToTask`.
#### 3.1.7. Create Push Notification Config
Creates a push notification configuration for a task to receive asynchronous updates via webhook.
**Inputs:**
{{ proto_to_table("CreateTaskPushNotificationConfigRequest") }}
**Outputs:**
- [`PushNotificationConfig`](#431-pushnotificationconfig): Created configuration with assigned ID
**Errors:**
- [`PushNotificationNotSupportedError`](#332-error-handling): Push notifications are not supported by the agent (see [Capability Validation](#334-capability-validation)).
- [`TaskNotFoundError`](#332-error-handling): The task ID does not exist or is not accessible.
**Behavior:**
The operation MUST establish a webhook endpoint for task update notifications. When task updates occur, the agent will send HTTP POST requests to the configured webhook URL with [`StreamResponse`](#323-stream-response) payloads (see [Push Notification Payload](#433-push-notification-payload) for details). This operation is only available if the agent supports push notifications capability. The configuration MUST persist until task completion or explicit deletion.
#### 3.1.8. Get Push Notification Config
Retrieves an existing push notification configuration for a task.
**Inputs:**
{{ proto_to_table("GetTaskPushNotificationConfigRequest") }}
**Outputs:**
- [`PushNotificationConfig`](#431-pushnotificationconfig): The requested configuration
**Errors:**
- [`PushNotificationNotSupportedError`](#332-error-handling): Push notifications are not supported by the agent (see [Capability Validation](#334-capability-validation)).
- [`TaskNotFoundError`](#332-error-handling): The push notification configuration does not exist.
**Behavior:**
The operation MUST return configuration details including webhook URL and notification settings. The operation MUST fail if the configuration does not exist or the client lacks access.
#### 3.1.9. List Push Notification Configs
Retrieves all push notification configurations for a task.
**Inputs:**
{{ proto_to_table("ListTaskPushNotificationConfigsRequest") }}
**Outputs:**
{{ proto_to_table("ListTaskPushNotificationConfigsResponse") }}
**Errors:**
- [`PushNotificationNotSupportedError`](#332-error-handling): Push notifications are not supported by the agent (see [Capability Validation](#334-capability-validation)).
- [`TaskNotFoundError`](#332-error-handling): The task ID does not exist or is not accessible.
**Behavior:**
The operation MUST return all active push notification configurations for the specified task and MAY support pagination for tasks with many configurations.
#### 3.1.10. Delete Push Notification Config
Removes a push notification configuration for a task.
**Inputs:**
{{ proto_to_table("DeleteTaskPushNotificationConfigRequest") }}
**Outputs:**
- Confirmation of deletion (implementation-specific)
**Errors:**
- [`PushNotificationNotSupportedError`](#332-error-handling): Push notifications are not supported by the agent (see [Capability Validation](#334-capability-validation)).
- [`TaskNotFoundError`](#332-error-handling): The task ID does not exist.
**Behavior:**
The operation MUST permanently remove the specified push notification configuration. No further notifications will be sent to the configured webhook after deletion. This operation MUST be idempotent - multiple deletions of the same config have the same effect.
#### 3.1.11. Get Extended Agent Card
Retrieves a potentially more detailed version of the Agent Card after the client has authenticated. This endpoint is available only if `AgentCard.capabilities.extendedAgentCard` is `true`.
**Inputs:**
{{ proto_to_table("GetExtendedAgentCardRequest") }}
**Outputs:**
- [`AgentCard`](#441-agentcard): A complete Agent Card object, which may contain additional details or skills not present in the public card
**Errors:**
- [`UnsupportedOperationError`](#332-error-handling): The agent does not support authenticated extended cards (see [Capability Validation](#334-capability-validation)).
- [`ExtendedAgentCardNotConfiguredError`](#332-error-handling): The agent declares support but does not have an extended agent card configured.
**Behavior:**
- **Authentication**: The client MUST authenticate the request using one of the schemes declared in the public `AgentCard.securitySchemes` and `AgentCard.security` fields.
- **Extended Information**: The operation MAY return different details based on client authentication level, including additional skills, capabilities, or configuration not available in the public Agent Card.
- **Card Replacement**: Clients retrieving this extended card SHOULD replace their cached public Agent Card with the content received from this endpoint for the duration of their authenticated session or until the card's version changes.
- **Availability**: This operation is only available if the public Agent Card declares `capabilities.extendedAgentCard: true`.
For detailed security guidance on extended agent cards, see [Section 13.3 Extended Agent Card Access Control](#133-extended-agent-card-access-control).
### 3.2. Operation Parameter Objects
This section defines common parameter objects used across multiple operations.
#### 3.2.1. SendMessageRequest
{{ proto_to_table("SendMessageRequest") }}
#### 3.2.2. SendMessageConfiguration
{{ proto_to_table("SendMessageConfiguration") }}
**Execution Mode:**
The `return_immediately` field in [`SendMessageConfiguration`](#322-sendmessageconfiguration) controls whether the operation returns immediately or waits for task completion. Operations are blocking by default:
- **Blocking (`return_immediately: false` or unset)**: The operation MUST wait until the task reaches a terminal state (`COMPLETED`, `FAILED`, `CANCELED`, `REJECTED`) or an interrupted state (`INPUT_REQUIRED`, `AUTH_REQUIRED`) before returning. The response MUST include the latest task state with all artifacts and status information. This is the default behavior.
- **Non-Blocking (`return_immediately: true`)**: The operation MUST return immediately after creating the task, even if processing is still in progress. The returned task will have an in-progress state (e.g., `working`, `input_required`). It is the caller's responsibility to poll for updates using [Get Task](#313-get-task), subscribe via [Subscribe to Task](#316-subscribe-to-task), or receive updates via push notifications.
The `return_immediately` field has no effect:
- when the operation returns a direct [`Message`](#414-message) response instead of a task.
- for streaming operations, which always return updates in real-time.
- on configured push notification configurations, which operates independently of execution mode.
#### 3.2.3. Stream Response
{{ proto_to_table("StreamResponse") }}
This wrapper allows streaming endpoints to return different types of updates through a single response stream while maintaining type safety.
#### 3.2.4. History Length Semantics
The `historyLength` parameter appears in multiple operations and controls how much task history is returned in responses. This parameter follows consistent semantics across all operations:
- **Unset/undefined**: No limit imposed; server returns its default amount of history (implementation-defined, may be all history)
- **0**: No history should be returned; the `history` field SHOULD be omitted
- **> 0**: Return at most this many recent messages from the task's history
#### 3.2.5. Metadata
A flexible key-value map for passing additional context or parameters with operations. Metadata keys and are strings and values can be any valid value that can be represented in JSON. [`Extensions`](#46-extensions) can be used to strongly type metadata values for specific use cases.
#### 3.2.6 Service Parameters
A key-value map for passing horizontally applicable context or parameters with case-insensitive string keys and case-sensitive string values. The transmission mechanism for these service parameter key-value pairs is defined by the specific protocol binding (e.g., HTTP headers for HTTP-based bindings, gRPC metadata for gRPC bindings). Custom protocol bindings **MUST** specify how service parameters are transmitted in their binding specification.
**Standard A2A Service Parameters:**
| Name | Description | Example Value |
| :--------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------ | :-------------------------------------------------------------------------------------------- |
| `A2A-Extensions` | Comma-separated list of extension URIs that the client wants to use for the request | `https://example.com/extensions/geolocation/v1,https://standards.org/extensions/citations/v1` |
| `A2A-Version` | The A2A protocol version that the client is using. If the version is not supported, the agent returns [`VersionNotSupportedError`](#332-error-handling) | `0.3` |
As service parameter names MAY need to co-exist with other parameters defined by the underlying transport protocol or infrastructure, all service parameters defined by this specification will be prefixed with `a2a-`.
### 3.3. Operation Semantics
#### 3.3.1. Idempotency
- **Get operations** (Get Task, List Tasks, Get Extended Agent Card) are naturally idempotent
- **Send Message** operations MAY be idempotent. Agents may utilize the messageId to detect duplicate messages.
- **Cancel Task** operations are idempotent - multiple cancellation requests have the same effect. A duplicate cancellation request MAY return `TaskNotFoundError` if the task has already been canceled and purged.
#### 3.3.2. Error Handling
All operations may return errors in the following categories. Servers **MUST** return appropriate errors and **SHOULD** provide actionable information to help clients resolve issues.
**Error Categories and Server Requirements:**
- **Authentication Errors**: Invalid or missing credentials
- Servers **MUST** reject requests with invalid or missing authentication credentials
- Servers **SHOULD** include authentication challenge information in the error response
- Servers **SHOULD** specify which authentication scheme is required
- Example error codes: HTTP `401 Unauthorized`, gRPC `UNAUTHENTICATED`, JSON-RPC custom error
- Example scenarios: Missing bearer token, expired API key, invalid OAuth token
- **Authorization Errors**: Insufficient permissions for requested operation
- Servers **MUST** return an authorization error when the authenticated client lacks required permissions
- Servers **SHOULD** indicate what permission or scope is missing (without leaking sensitive information about resources the client cannot access)
- Servers **MUST NOT** reveal the existence of resources the client is not authorized to access
- Example error codes: HTTP `403 Forbidden`, gRPC `PERMISSION_DENIED`, JSON-RPC custom error
- Example scenarios: Attempting to access a task created by another user, insufficient OAuth scopes
- **Validation Errors**: Invalid input parameters or message format
- Servers **MUST** validate all input parameters before processing
- Servers **SHOULD** specify which parameter(s) failed validation and why
- Servers **SHOULD** provide guidance on valid parameter values or formats
- Example error codes: HTTP `400 Bad Request`, gRPC `INVALID_ARGUMENT`, JSON-RPC `-32602 Invalid params`
- Example scenarios: Invalid task ID format, missing required message parts, unsupported content type
- **Resource Errors**: Requested task not found or not accessible
- Servers **MUST** return a not found error when a requested resource does not exist or is not accessible to the authenticated client
- Servers **SHOULD NOT** distinguish between "does not exist" and "not authorized" to prevent information leakage
- Example error codes: HTTP `404 Not Found`, gRPC `NOT_FOUND`, JSON-RPC custom error (see A2A-specific errors)
- Example scenarios: Task ID does not exist, task has been deleted, configuration not found
- **System Errors**: Internal agent failures or temporary unavailability
- Servers **SHOULD** return appropriate error codes for temporary failures vs. permanent errors
- Servers **MAY** include retry guidance (e.g., Retry-After header in HTTP)
- Servers **SHOULD** log system errors for diagnostic purposes
- Example error codes: HTTP `500 Internal Server Error` or `503 Service Unavailable`, gRPC `INTERNAL` or `UNAVAILABLE`, JSON-RPC `-32603 Internal error`
- Example scenarios: Database connection failure, downstream service timeout, rate limit exceeded
**Error Payload Structure:**
All error responses in the A2A protocol, regardless of binding, **MUST** convey the following information:
1. **Error Code**: A machine-readable identifier for the error type (e.g., string code, numeric code, or protocol-specific status)
2. **Error Message**: A human-readable description of the error
3. **Error Details** (optional): Additional structured information about the error, such as:
- Affected fields or parameters
- Contextual information (e.g., task ID, timestamp)
- Suggestions for resolution
Protocol bindings **MUST** map these elements to their native error representations while preserving semantic meaning. See binding-specific sections for concrete error format examples: [JSON-RPC Error Handling](#95-error-handling), [gRPC Error Handling](#106-error-handling), and [HTTP/REST Error Handling](#116-error-handling).
**A2A-Specific Errors:**
| Error Name | Description |
| :------------------------------------ | :---------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `TaskNotFoundError` | The specified task ID does not correspond to an existing or accessible task. It might be invalid, expired, or already completed and purged. |
| `TaskNotCancelableError` | An attempt was made to cancel a task that is not in a cancelable state (e.g., it has already reached a terminal state like `completed`, `failed`, or `canceled`). |
| `PushNotificationNotSupportedError` | Client attempted to use push notification features but the server agent does not support them (i.e., `AgentCard.capabilities.pushNotifications` is `false`). |
| `UnsupportedOperationError` | The requested operation or a specific aspect of it is not supported by this server agent implementation. |
| `ContentTypeNotSupportedError` | A Media Type provided in the request's message parts or implied for an artifact is not supported by the agent or the specific skill being invoked. |
| `InvalidAgentResponseError` | An agent returned a response that does not conform to the specification for the current method. |
| `ExtendedAgentCardNotConfiguredError` | The agent does not have an extended agent card configured when one is required for the requested operation. |
| `ExtensionSupportRequiredError` | Server requested use of an extension marked as `required: true` in the Agent Card but the client did not declare support for it in the request. |
| `VersionNotSupportedError` | The A2A protocol version specified in the request (via `A2A-Version` service parameter) is not supported by the agent. |
#### 3.3.3. Asynchronous Processing
A2A operations are designed for asynchronous task execution. Operations return immediately with either [`Task`](#411-task) objects or [`Message`](#414-message) objects, and when a Task is returned, processing continues in the background. Clients retrieve task updates through polling, streaming, or push notifications (see [Section 3.5](#35-task-update-delivery-mechanisms)). Agents MAY accept additional messages for tasks in non-terminal states to enable multi-turn interactions (see [Section 3.4](#34-multi-turn-interactions)).
#### 3.3.4. Capability Validation
Agents declare optional capabilities in their [`AgentCard`](#441-agentcard). When clients attempt to use operations or features that require capabilities not declared as supported in the Agent Card, the agent **MUST** return an appropriate error response:
- **Push Notifications**: If `AgentCard.capabilities.pushNotifications` is `false` or not present, operations related to push notification configuration (Create, Get, List, Delete) **MUST** return [`PushNotificationNotSupportedError`](#332-error-handling).
- **Streaming**: If `AgentCard.capabilities.streaming` is `false` or not present, attempts to use `SendStreamingMessage` or `SubscribeToTask` operations **MUST** return [`UnsupportedOperationError`](#332-error-handling).
- **Extended Agent Card**: If `AgentCard.capabilities.extendedAgentCard` is `false` or not present, attempts to call the Get Extended Agent Card operation **MUST** return [`UnsupportedOperationError`](#332-error-handling). If the agent declares support but has not configured an extended card, it **MUST** return [`ExtendedAgentCardNotConfiguredError`](#332-error-handling).
- **Extensions**: When a server requests use of an extension marked as `required: true` in the Agent Card but the client does not declare support for it, the agent **MUST** return [`ExtensionSupportRequiredError`](#332-error-handling).
Clients **SHOULD** validate capability support by examining the Agent Card before attempting operations that require optional capabilities.
### 3.4. Multi-Turn Interactions
The A2A protocol supports multi-turn conversations through context identifiers and task references, enabling agents to maintain conversational continuity across multiple interactions.
#### 3.4.1. Context Identifier Semantics
A `contextId` is an identifier that logically groups multiple related [`Task`](#411-task) and [`Message`](#414-message) objects, providing continuity across a series of interactions.
**Generation and Assignment:**
- Agents **MAY** generate a new `contextId` when processing a [`Message`](#414-message) that does not include a `contextId` field
- If an agent generates a new `contextId`, it **MUST** be included in the response (either [`Task`](#411-task) or [`Message`](#414-message))
- Agents **MAY** accept and preserve client-provided `contextId` values
- If an agent cannot accept a client-provided `contextId`, it **MUST** reject the request with an error and **MUST NOT** generate a new `contextId` for the response
- Clients **SHOULD NOT** provide a client-generated `contextId` to a server unless they understand how the server will process that `contextId`
- Server-generated `contextId` values **SHOULD** be treated as opaque identifiers by clients
**Grouping and Scope:**
- A `contextId` logically groups multiple [`Task`](#411-task) objects and [`Message`](#414-message) objects that are part of the same conversational context
- All tasks and messages with the same `contextId` **SHOULD** be treated as part of the same conversational session
- Agents **MAY** use the `contextId` to maintain internal state, conversational history, or LLM context across multiple interactions
- Agents **MAY** implement context expiration or cleanup policies and **SHOULD** document any such policies
#### 3.4.2. Task Identifier Semantics
A `taskId` is a unique identifier for a [`Task`](#411-task) object, representing a stateful unit of work with a defined lifecycle.
**Generation and Assignment:**
- Task IDs are **server-generated** when a new task is created in response to a [`Message`](#414-message)
- Agents **MUST** generate a unique `taskId` for each new task they create
- The generated `taskId` **MUST** be included in the [`Task`](#411-task) object returned to the client
- When a client includes a `taskId` in a [`Message`](#414-message), it **MUST** reference an existing task
- Agents **MUST** return a [`TaskNotFoundError`](#332-error-handling) if the provided `taskId` does not correspond to an existing task
- Client-provided `taskId` values for creating new tasks is **NOT** supported
#### 3.4.3. Multi-Turn Conversation Patterns
The A2A protocol supports several patterns for multi-turn interactions:
**Context Continuity:**
- [`Task`](#411-task) objects maintain conversation context through the `contextId` field
- Clients **MAY** include the `contextId` in subsequent messages to indicate continuation of a previous interaction
- Clients **MAY** use `taskId` (with or without `contextId`) to continue or refine a specific task
- Clients **MAY** use `contextId` without `taskId` to start a new task within an existing conversation context
- Agents **MUST** infer `contextId` from the task if only `taskId` is provided
- Agents **MUST** reject messages containing mismatching `contextId` and `taskId` (i.e., the provided `contextId` is different from that of the referenced [`Task`](#411-task)).
**Input Required State:**
- Agents can request additional input mid-processing by transitioning a task to the `input-required` state
- The client continues the interaction by sending a new message with the same `taskId` and `contextId`
**Follow-up Messages:**
- Clients can send additional messages with `taskId` references to continue or refine existing tasks
- Clients **SHOULD** use the `referenceTaskIds` field in [`Message`](#414-message) to explicitly reference related tasks
- Agents **SHOULD** use referenced tasks to understand the context and intent of follow-up requests
**Context Inheritance:**
- New tasks created within the same `contextId` can inherit context from previous interactions
- Agents **SHOULD** leverage the shared `contextId` to provide contextually relevant responses
### 3.5. Task Update Delivery Mechanisms
The A2A protocol provides three complementary mechanisms for clients to receive updates about task progress and completion.
#### 3.5.1. Overview of Update Mechanisms
**Polling (Get Task):**
- Client periodically calls Get Task ([Section 3.1.3](#313-get-task)) to check task status
- Simple to implement, works with all protocol bindings
- Higher latency, potential for unnecessary requests
- Best for: Simple integrations, infrequent updates, clients behind restrictive firewalls
**Streaming:**
- Real-time delivery of events as they occur
- Operations: Stream Message ([Section 3.1.2](#312-send-streaming-message)) and Subscribe to Task ([Section 3.1.6](#316-subscribe-to-task))
- Low latency, efficient for frequent updates
- Requires persistent connection support
- Best for: Interactive applications, real-time dashboards, live progress monitoring
- Requires `AgentCard.capabilities.streaming` to be `true`
**Push Notifications (WebHooks):**
- Agent sends HTTP POST requests to client-registered endpoints when task state changes
- Client does not maintain persistent connection
- Asynchronous delivery, client must be reachable via HTTP
- Best for: Server-to-server integrations, long-running tasks, event-driven architectures
- Operations: Create ([Section 3.1.7](#317-create-push-notification-config)), Get ([Section 3.1.8](#76-taskspushnotificationconfigget)), List ([Section 3.1.9](#319-list-push-notification-configs)), Delete ([Section 3.1.10](#3110-delete-push-notification-config))
- Event types: TaskStatusUpdateEvent ([Section 4.2.1](#421-taskstatusupdateevent)), TaskArtifactUpdateEvent ([Section 4.2.2](#422-taskartifactupdateevent)), WebHook payloads ([Section 4.3](#43-push-notification-objects))
- Requires `AgentCard.capabilities.pushNotifications` to be `true`
- Regardless of the protocol binding being used by the agent, WebHook calls use plain HTTP and the JSON payloads as defined in the HTTP protocol binding
#### 3.5.2. Streaming Event Delivery
**Event Ordering:**
All implementations MUST deliver events in the order they were generated. Events MUST NOT be reordered during transmission, regardless of protocol binding.
**Multiple Streams Per Task:**
An agent MAY serve multiple concurrent streams to one or more clients for the same task. This allows multiple clients (or the same client with multiple connections) to independently subscribe to and receive updates about a task's progress.
When multiple streams are active for a task:
- Events MUST be broadcast to all active streams for that task
- Each stream MUST receive the same events in the same order
- Closing one stream MUST NOT affect other active streams for the same task
- The task lifecycle is independent of any individual stream's lifecycle
This capability enables scenarios such as:
- Multiple team members monitoring the same long-running task
- A client reconnecting to a task after a network interruption by opening a new stream
- Different applications or dashboards displaying real-time updates for the same task
#### 3.5.3. Push Notification Delivery
Push notifications are delivered via HTTP POST to client-registered webhook endpoints. The delivery semantics and reliability guarantees are defined in [Section 4.3](#43-push-notification-objects).
### 3.6 Versioning
The specific version of the A2A protocol in use is identified using the `Major.Minor` elements (e.g. `1.0`) of the corresponding A2A specification version. Patch version numbers used by the specification, do not affect protocol compatibility. Patch version numbers SHOULD NOT be used in requests, responses and Agent Cards, and MUST not be considered when clients and servers negotiate protocol versions.
#### 3.6.1 Client Responsibilities
Clients MUST send the `A2A-Version` header with each request to maintain compatibility after an agent upgrades to a new version of the protocol (except for 0.3 Clients - 0.3 will be assumed for empty header). Sending the `A2A-Version` header also provides visibility to agents about version usage in the ecosystem, which can help inform the risks of inplace version upgrades.
**Example of HTTP GET Request with Version Header:**
```http
GET /tasks/task-123 HTTP/1.1
Host: agent.example.com
A2A-Version: 1.0
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
Accept: application/json
```
Clients MAY provide the `A2A-Version` as a request parameter instead of a header.
**Example of HTTP GET Request with Version request parameter:**
```http
GET /tasks/task-123?A2A-Version=1.0 HTTP/1.1
Host: agent.example.com
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
Accept: application/json
```
#### 3.6.2 Server Responsibilities
Agents MUST process requests using the semantics of the requested `A2A-Version` (matching `Major.Minor`). If the version is not supported by the interface, agents MUST return a [`VersionNotSupportedError`](#332-error-handling).
Agents MUST interpret empty value as 0.3 version.
Agents CAN expose multiple interfaces for the same transport with different versions under the same or different URLs.
#### 3.6.3 Tooling support
Tooling libraries and SDKs that implement the A2A protocol MUST provide mechanisms to help clients manage protocol versioning, such as negotiation of the transport and protocol version used. Client Agents that require the latest features of the protocol should be configured to request specific versions and avoid automatic fallback to older versions, to prevent silently losing functionality.
### 3.7 Messages and Artifacts
Messages and Artifacts serve distinct purposes within the A2A protocol. The core interaction model defined by A2A is for clients to send messages to initiate a task that produces one or more artifacts.
Messages play several key roles:
- **Task Initiation**: Clients send Messages to agents to initiate new tasks.
- **Clarification Messages**: Agents may send Messages back to the client to request clarification prior to initiating a task.
- **Status Messages**: Agents attach Messages to status update events to inform clients about task progress, request additional input, or provide informational updates.
- **Task Interaction**: Clients send Messages to provide additional input or instructions for ongoing tasks.
Messages SHOULD NOT be used to deliver task outputs. Results SHOULD BE returned using Artifacts associated with a Task. This separation allows for a clear distinction between communication (Messages) and data output (Artifacts).
The Task History field contains Messages exchanged during task execution. However, not all Messages are guaranteed to be persisted in the Task history; for example, transient informational messages may not be stored. Messages exchanged prior to task creation may not be stored in Task history. The agent is responsible to determine which Messages are persisted in the Task History.
Clients using streaming to retrieve task updates MAY not receive all status update messages if the client is disconnected and then reconnects. Messages MUST NOT be considered a reliable delivery mechanism for critical information.
Agents MAY choose to persist all Messages that contain important information in the Task history to ensure clients can retrieve it later. However, clients MUST NOT rely on this behavior unless negotiated out-of-band.
## 4. Protocol Data Model
The A2A protocol defines a canonical data model using Protocol Buffers. All protocol bindings **MUST** provide functionally equivalent representations of these data structures.
### 4.1. Core Objects
#### 4.1.1. Task
{{ proto_to_table("Task") }}
#### 4.1.2. TaskStatus
{{ proto_to_table("TaskStatus") }}
#### 4.1.3. TaskState
{{ proto_enum_to_table("TaskState") }}
#### 4.1.4. Message
{{ proto_to_table("Message") }}
#### 4.1.5. Role
{{ proto_enum_to_table("Role") }}
#### 4.1.6. Part
{{ proto_to_table("Part") }}
#### 4.1.7. Artifact
{{ proto_to_table("Artifact") }}
### 4.2. Streaming Events
#### 4.2.1. TaskStatusUpdateEvent
{{ proto_to_table("TaskStatusUpdateEvent") }}
#### 4.2.2. TaskArtifactUpdateEvent
{{ proto_to_table("TaskArtifactUpdateEvent") }}
### 4.3. Push Notification Objects
#### 4.3.1. PushNotificationConfig
{{ proto_to_table("PushNotificationConfig") }}
#### 4.3.2. AuthenticationInfo
{{ proto_to_table("AuthenticationInfo") }}
#### 4.3.3. Push Notification Payload
When a task update occurs, the agent sends an HTTP POST request to the configured webhook URL. The payload uses the same [`StreamResponse`](#323-stream-response) format as streaming operations, allowing push notifications to deliver the same event types as real-time streams.
**Request Format:**
```http
POST {webhook_url}
Authorization: {authentication_scheme} {credentials}
Content-Type: application/json
{
/* StreamResponse object - one of: */
"task": { /* Task object */ },
"message": { /* Message object */ },
"statusUpdate": { /* TaskStatusUpdateEvent object */ },
"artifactUpdate": { /* TaskArtifactUpdateEvent object */ }
}
```
**Payload Structure:**
The webhook payload is a [`StreamResponse`](#323-stream-response) object containing exactly one of the following:
- **task**: A [`Task`](#411-task) object with the current task state
- **message**: A [`Message`](#414-message) object containing a message response
- **statusUpdate**: A [`TaskStatusUpdateEvent`](#421-taskstatusupdateevent) indicating a status change
- **artifactUpdate**: A [`TaskArtifactUpdateEvent`](#422-taskartifactupdateevent) indicating artifact updates
**Authentication:**
The agent MUST include authentication credentials in the request headers as specified in the [`PushNotificationConfig.authentication`](#432-authenticationinfo) field. The format follows standard HTTP authentication patterns (Bearer tokens, Basic auth, etc.).
**Client Responsibilities:**
- Clients MUST respond with HTTP 2xx status codes to acknowledge successful receipt
- Clients SHOULD process notifications idempotently, as duplicate deliveries may occur
- Clients MUST validate the task ID matches an expected task
- Clients SHOULD implement appropriate security measures to verify the notification source
**Server Guarantees:**
- Agents MUST attempt delivery at least once for each configured webhook
- Agents MAY implement retry logic with exponential backoff for failed deliveries
- Agents SHOULD include a reasonable timeout for webhook requests (recommended: 10-30 seconds)
- Agents MAY stop attempting delivery after a configured number of consecutive failures
For detailed security guidance on push notifications, see [Section 13.2 Push Notification Security](#132-push-notification-security).
### 4.4. Agent Discovery Objects
#### 4.4.1. AgentCard
{{ proto_to_table("AgentCard") }}
#### 4.4.2. AgentProvider
{{ proto_to_table("AgentProvider") }}
#### 4.4.3. AgentCapabilities
{{ proto_to_table("AgentCapabilities") }}
#### 4.4.4. AgentExtension
{{ proto_to_table("AgentExtension") }}
#### 4.4.5. AgentSkill
{{ proto_to_table("AgentSkill") }}
#### 4.4.6. AgentInterface
{{ proto_to_table("AgentInterface") }}
#### 4.4.7. AgentCardSignature
{{ proto_to_table("AgentCardSignature") }}
### 4.5. Security Objects
#### 4.5.1. SecurityScheme
{{ proto_to_table("SecurityScheme") }}
#### 4.5.2. APIKeySecurityScheme
{{ proto_to_table("APIKeySecurityScheme") }}
#### 4.5.3. HTTPAuthSecurityScheme
{{ proto_to_table("HTTPAuthSecurityScheme") }}
#### 4.5.4. OAuth2SecurityScheme
{{ proto_to_table("OAuth2SecurityScheme") }}
#### 4.5.5. OpenIdConnectSecurityScheme
{{ proto_to_table("OpenIdConnectSecurityScheme") }}
#### 4.5.6. MutualTlsSecurityScheme
{{ proto_to_table("MutualTlsSecurityScheme") }}
#### 4.5.7. OAuthFlows
{{ proto_to_table("OAuthFlows") }}
#### 4.5.8. AuthorizationCodeOAuthFlow
{{ proto_to_table("AuthorizationCodeOAuthFlow") }}
#### 4.5.9. ClientCredentialsOAuthFlow
{{ proto_to_table("ClientCredentialsOAuthFlow") }}
#### 4.5.10. DeviceCodeOAuthFlow
{{ proto_to_table("DeviceCodeOAuthFlow") }}
### 4.6. Extensions
The A2A protocol supports extensions to provide additional functionality or data beyond the core specification while maintaining backward compatibility and interoperability. Extensions allow agents to declare additional capabilities such as protocol enhancements or vendor-specific features, maintain compatibility with clients that don't support specific extensions, enable innovation through experimental or domain-specific features without modifying the core protocol, and facilitate standardization by providing a pathway for community-developed features to become part of the core specification.
#### 4.6.1. Extension Declaration
Agents declare their supported extensions in the [`AgentCard`](#441-agentcard) using the `extensions` field, which contains an array of [`AgentExtension`](#444-agentextension) objects.
*Example: Agent declaring extension support in AgentCard:*
```json
{
"name": "Research Assistant Agent",
"description": "AI agent for academic research and fact-checking",
"supportedInterfaces": [
{
"url": "https://research-agent.example.com/a2a/v1",
"protocolBinding": "HTTP+JSON",
"protocolVersion": "0.3",
}
],
"capabilities": {
"streaming": false,
"pushNotifications": false,
"extensions": [
{
"uri": "https://standards.org/extensions/citations/v1",
"description": "Provides citation formatting and source verification",
"required": false
},
{
"uri": "https://example.com/extensions/geolocation/v1",
"description": "Location-based search capabilities",
"required": false
}
]
},
"defaultInputModes": ["text/plain"],
"defaultOutputModes": ["text/plain"],
"skills": [
{
"id": "academic-research",
"name": "Academic Research Assistant",
"description": "Provides research assistance with citations and source verification",
"tags": ["research", "citations", "academic"],
"examples": ["Find peer-reviewed articles on climate change"],
"inputModes": ["text/plain"],
"outputModes": ["text/plain"]
}
]
}
```
Clients indicate their desire to opt into the use of specific extensions through binding-specific mechanisms such as HTTP headers, gRPC metadata, or JSON-RPC request parameters that identify the extension identifiers they wish to utilize during the interaction.
*Example: HTTP client opting into extensions using headers:*
```http
POST /message:send HTTP/1.1
Host: agent.example.com
Content-Type: application/json
Authorization: Bearer token
A2A-Extensions: https://example.com/extensions/geolocation/v1,https://standards.org/extensions/citations/v1
{
"message": {
"role": "ROLE_USER",
"parts": [{"text": "Find restaurants near me"}],
"extensions": ["https://example.com/extensions/geolocation/v1"],
"metadata": {
"https://example.com/extensions/geolocation/v1": {
"latitude": 37.7749,
"longitude": -122.4194
}
}
}
}
```
#### 4.6.2. Extensions Points
Extensions can be integrated into the A2A protocol at several well-defined extension points:
**Message Extensions:**
Messages can be extended to allow clients to provide additional strongly typed context or parameters relevant to the message being sent, or TaskStatus Messages to include extra information about the task's progress.
*Example: A location extension using the extensions and metadata arrays:*
```json
{
"role": "ROLE_USER",
"parts": [
{"text": "Find restaurants near me"}
],
"extensions": ["https://example.com/extensions/geolocation/v1"],
"metadata": {
"https://example.com/extensions/geolocation/v1": {
"latitude": 37.7749,
"longitude": -122.4194,
"accuracy": 10.0,
"timestamp": "2025-10-21T14:30:00Z"
}
}
}
```
**Artifact Extensions:**
Artifacts can include extension data to provide strongly typed context or metadata about the generated content.
*Example: An artifact with citation extension for research sources:*
```json
{
"artifactId": "research-summary-001",
"name": "Climate Change Summary",
"parts": [
{
"text": "Global temperatures have risen by 1.1°C since pre-industrial times, with significant impacts on weather patterns and sea levels."
}
],
"extensions": ["https://standards.org/extensions/citations/v1"],
"metadata": {
"https://standards.org/extensions/citations/v1": {
"sources": [
{
"title": "Global Temperature Anomalies - 2023 Report",
"authors": ["Smith, J.", "Johnson, M."],
"url": "https://climate.gov/reports/2023-temperature",
"accessDate": "2025-10-21",
"relevantText": "Global temperatures have risen by 1.1°C"
}
]
}
}
}
```
#### 4.6.3. Extension Versioning and Compatibility
Extensions **SHOULD** include version information in their URI identifier. This allows clients and agents to negotiate compatible versions of extensions during interactions. A new URI **MUST** be created for breaking changes to an extension.
If a client requests a versions of an extension that the agent does not support, the agent **SHOULD** ignore the extension for that interaction and proceed without it, unless the extension is marked as `required` in the AgentCard, in which case the agent **MUST** return an error indicating unsupported extension. It **MUST NOT** fall back to a previous version of the extension automatically.
## 5. Protocol Binding Requirements and Interoperability
### 5.1. Functional Equivalence Requirements
When an agent supports multiple protocols, all supported protocols **MUST**:
- **Identical Functionality**: Provide the same set of operations and capabilities
- **Consistent Behavior**: Return semantically equivalent results for the same requests
- **Same Error Handling**: Map errors consistently using appropriate protocol-specific codes
- **Equivalent Authentication**: Support the same authentication schemes declared in the AgentCard
### 5.2. Protocol Selection and Negotiation
- **Agent Declaration**: Agents **MUST** declare all supported protocols in their AgentCard
- **Client Choice**: Clients **MAY** choose any protocol declared by the agent
- **Fallback Behavior**: Clients **SHOULD** implement fallback logic for alternative protocols
### 5.3. Method Mapping Reference
| Functionality | JSON-RPC Method | gRPC Method | REST Endpoint |
| :------------------------------ | :--------------------------------- | :--------------------------------- | :------------------------------------------------------ |
| Send message | `SendMessage` | `SendMessage` | `POST /message:send` |
| Stream message | `SendStreamingMessage` | `SendStreamingMessage` | `POST /message:stream` |
| Get task | `GetTask` | `GetTask` | `GET /tasks/{id}` |
| List tasks | `ListTasks` | `ListTasks` | `GET /tasks` |
| Cancel task | `CancelTask` | `CancelTask` | `POST /tasks/{id}:cancel` |
| Subscribe to task | `SubscribeToTask` | `SubscribeToTask` | `POST /tasks/{id}:subscribe` |
| Create push notification config | `CreateTaskPushNotificationConfig` | `CreateTaskPushNotificationConfig` | `POST /tasks/{id}/pushNotificationConfigs` |
| Get push notification config | `GetTaskPushNotificationConfig` | `GetTaskPushNotificationConfig` | `GET /tasks/{id}/pushNotificationConfigs/{configId}` |
| List push notification configs | `ListTaskPushNotificationConfigs` | `ListTaskPushNotificationConfigs` | `GET /tasks/{id}/pushNotificationConfigs` |
| Delete push notification config | `DeleteTaskPushNotificationConfig` | `DeleteTaskPushNotificationConfig` | `DELETE /tasks/{id}/pushNotificationConfigs/{configId}` |
| Get extended Agent Card | `GetExtendedAgentCard` | `GetExtendedAgentCard` | `GET /extendedAgentCard` |
### 5.4. Error Code Mappings
All A2A-specific errors defined in [Section 3.3.2](#332-error-handling) **MUST** be mapped to binding-specific error representations. The following table provides the canonical mappings for each standard protocol binding:
| A2A Error Type | JSON-RPC Code | gRPC Status | HTTP Status |
| :------------------------------------ | :------------ | :-------------------- | :--------------------------- |
| `TaskNotFoundError` | `-32001` | `NOT_FOUND` | `404 Not Found` |
| `TaskNotCancelableError` | `-32002` | `FAILED_PRECONDITION` | `409 Conflict` |
| `PushNotificationNotSupportedError` | `-32003` | `UNIMPLEMENTED` | `400 Bad Request` |
| `UnsupportedOperationError` | `-32004` | `UNIMPLEMENTED` | `400 Bad Request` |
| `ContentTypeNotSupportedError` | `-32005` | `INVALID_ARGUMENT` | `415 Unsupported Media Type` |
| `InvalidAgentResponseError` | `-32006` | `INTERNAL` | `502 Bad Gateway` |
| `ExtendedAgentCardNotConfiguredError` | `-32007` | `FAILED_PRECONDITION` | `400 Bad Request` |
| `ExtensionSupportRequiredError` | `-32008` | `FAILED_PRECONDITION` | `400 Bad Request` |
| `VersionNotSupportedError` | `-32009` | `UNIMPLEMENTED` | `400 Bad Request` |
**Custom Binding Requirements:**
Custom protocol bindings **MUST** define equivalent error code mappings that preserve the semantic meaning of each A2A error type. The binding specification **SHOULD** provide a similar mapping table showing how each A2A error type is represented in the custom binding's native error format.
For binding-specific error structures and examples, see:
- [JSON-RPC Error Handling](#95-error-handling)
- [gRPC Error Handling](#106-error-handling)
- [HTTP/REST Error Handling](#116-error-handling)
### 5.5. JSON Field Naming Convention
All JSON serializations of the A2A protocol data model **MUST** use **camelCase** naming for field names, not the snake_case convention used in Protocol Buffer definitions.
**Naming Convention:**
- Protocol Buffer field: `protocol_version` → JSON field: `protocolVersion`
- Protocol Buffer field: `context_id` → JSON field: `contextId`
- Protocol Buffer field: `default_input_modes` → JSON field: `defaultInputModes`
- Protocol Buffer field: `push_notification_config` → JSON field: `pushNotificationConfig`
**Enum Values:**
- Enum values **MUST** be represented according to the [ProtoJSON specification](https://protobuf.dev/programming-guides/json/), which serializes enums as their string names **as defined in the Protocol Buffer definition** (typically SCREAMING_SNAKE_CASE).
**Examples:**
- Protocol Buffer enum: `TASK_STATE_INPUT_REQUIRED` → JSON value: `"TASK_STATE_INPUT_REQUIRED"`
- Protocol Buffer enum: `ROLE_USER` → JSON value: `"ROLE_USER"`
**Note:** This follows the ProtoJSON specification as adopted in [ADR-001](../adrs/adr-001-protojson-serialization.md).
### 5.6. Data Type Conventions
This section documents conventions for common data types used throughout the A2A protocol, particularly as they apply to protocol bindings.
#### 5.6.1. Timestamps
The A2A protocol uses [`google.protobuf.Timestamp`](https://protobuf.dev/reference/protobuf/google.protobuf/#timestamp) for all timestamp fields in the Protocol Buffer definitions. When serialized to JSON (in JSON-RPC, HTTP/REST, or other JSON-based bindings), these timestamps **MUST** be represented as ISO 8601 formatted strings in UTC timezone.
**Format Requirements:**
- **Format:** ISO 8601 combined date and time representation
- **Timezone:** UTC (denoted by 'Z' suffix)
- **Precision:** Millisecond precision **SHOULD** be used where available
- **Pattern:** `YYYY-MM-DDTHH:mm:ss.sssZ`
**Examples:**
```json
{
"timestamp": "2025-10-28T10:30:00.000Z",
"createdAt": "2025-10-28T14:25:33.142Z",
"lastModified": "2025-10-31T17:45:22.891Z"
}
```
**Implementation Notes:**
- Protocol Buffer's `google.protobuf.Timestamp` represents time as seconds since Unix epoch (January 1, 1970, 00:00:00 UTC) plus nanoseconds
- JSON serialization automatically converts this to ISO 8601 format when using standard Protocol Buffer JSON encoding
- Clients and servers **MUST** parse and generate ISO 8601 timestamps correctly
- When millisecond precision is not available, the fractional seconds portion **MAY** be omitted or zero-filled
- Timestamps **MUST NOT** include timezone offsets other than 'Z' (all times are UTC)
### 5.7. Field Presence and Optionality
The Protocol Buffer definition in `specification/a2a.proto` uses [`google.api.field_behavior`](https://github.com/googleapis/googleapis/blob/master/google/api/field_behavior.proto) annotations to indicate whether fields are `REQUIRED`. These annotations serve as both documentation and validation hints for implementations.
**Required Fields:**
Fields marked with `[(google.api.field_behavior) = REQUIRED]` indicate that the field **MUST** be present and set in valid messages. Implementations **SHOULD** validate these requirements and reject messages with missing required fields. Arrays marked as required **MUST** contain at least one element.
**Optional Field Presence:**
The Protocol Buffer `optional` keyword is used to distinguish between a field being explicitly set versus omitted. This distinction is critical for two scenarios:
1. **Explicit Default Values:** Some fields in the specification define default values that differ from Protocol Buffer's implicit defaults. Implementations should apply the default value when the field is not explicitly provided.
2. **Agent Card Canonicalization:** When creating cryptographic signatures of Agent Cards, it is required to produce a canonical JSON representation. The `optional` keyword enables implementations to distinguish between fields that were explicitly set (and should be included in the canonical form) versus fields that were omitted (and should be excluded from canonicalization). This ensures Agent Cards can be reconstructed to accurately match their signature.
**Unrecognized Fields:**
Implementations **SHOULD** ignore unrecognized fields in messages, allowing for forward compatibility as the protocol evolves.
## 6. Common Workflows & Examples
This section provides illustrative examples of common A2A interactions across different bindings.
### 6.1. Basic Task Execution
**Scenario:** Client asks a question and receives a completed task response.
**Request:**
```http
POST /message:send HTTP/1.1
Host: agent.example.com
Content-Type: application/a2a+json
Authorization: Bearer token
{
"message": {
"role": "ROLE_USER",
"parts": [{"text": "What is the weather today?"}],
"messageId": "msg-uuid"
}
}
```
**Response:**
```http
HTTP/1.1 200 OK
Content-Type: application/a2a+json
{
"task": {
"id": "task-uuid",
"contextId": "context-uuid",
"status": {"state": "TASK_STATE_COMPLETED"},
"artifacts": [{
"artifactId": "artifact-uuid",
"name": "Weather Report",
"parts": [{"text": "Today will be sunny with a high of 75°F"}]
}]
}
}
```
### 6.2. Streaming Task Execution
**Scenario:** Client requests a long-running task with real-time updates.
**Request:**
```http
POST /message:stream HTTP/1.1
Host: agent.example.com
Content-Type: application/a2a+json
Authorization: Bearer token
{
"message": {
"role": "ROLE_USER",
"parts": [{"text": "Write a detailed report on climate change"}],
"messageId": "msg-uuid"
}
}
```
**SSE Response Stream:**
```http
HTTP/1.1 200 OK
Content-Type: text/event-stream
data: {"task": {"id": "task-uuid", "status": {"state": "TASK_STATE_WORKING"}}}
data: {"artifactUpdate": {"taskId": "task-uuid", "artifact": {"parts": [{"text": "# Climate Change Report\n\n"}]}}}
data: {"statusUpdate": {"taskId": "task-uuid", "status": {"state": "TASK_STATE_COMPLETED"}}}
```
### 6.3. Multi-Turn Interaction
**Scenario:** Agent requires additional input to complete a task.
**Initial Request:**
```http
POST /message:send HTTP/1.1
Host: agent.example.com
Content-Type: application/a2a+json
Authorization: Bearer token
{
"message": {
"role": "ROLE_USER",
"parts": [{"text": "Book me a flight"}],
"messageId": "msg-1"
}
}
```
**Response (Input Required):**
```http
HTTP/1.1 200 OK
Content-Type: application/a2a+json
{
"task": {
"id": "task-uuid",
"status": {
"state": "TASK_STATE_INPUT_REQUIRED",
"message": {
"role": "ROLE_AGENT",
"parts": [{"text": "I need more details. Where would you like to fly from and to?"}]
}
}
}
}
```
**Follow-up Request:**
```http
POST /message:send HTTP/1.1
Host: agent.example.com
Content-Type: application/a2a+json
Authorization: Bearer token
{
"message": {
"taskId": "task-uuid",
"role": "ROLE_USER",
"parts": [{"text": "From San Francisco to New York"}],
"messageId": "msg-2"
}
}
```
### 6.4. Version Negotiation Error
**Scenario:** Client requests an unsupported protocol version.
**Request:**
```http
POST /message:send HTTP/1.1
Host: agent.example.com
Content-Type: application/a2a+json
Authorization: Bearer token
A2A-Version: 0.5
{
"message": {
"role": "ROLE_USER",
"parts": [{"text": "Hello"}],
"messageId": "msg-uuid"
}
}
```
**Response:**
```http
HTTP/1.1 400 Bad Request
Content-Type: application/problem+json
{
"type": "https://a2a-protocol.org/errors/version-not-supported",
"title": "Protocol Version Not Supported",
"status": 400,
"detail": "The requested A2A protocol version 0.5 is not supported by this agent",
"supportedVersions": ["0.3"]
}
```
### 6.5. Task Listing and Management
**Scenario:** Client wants to see all tasks from a specific context or all tasks with a particular status.
#### Request: All tasks from a specific context
**Request:**
```http
GET /tasks?contextId=c295ea44-7543-4f78-b524-7a38915ad6e4&pageSize=10&historyLength=3 HTTP/1.1
Host: agent.example.com
Authorization: Bearer token
```
**Response:**
```http
HTTP/1.1 200 OK
Content-Type: application/a2a+json
{
"tasks": [
{
"id": "3f36680c-7f37-4a5f-945e-d78981fafd36",
"contextId": "c295ea44-7543-4f78-b524-7a38915ad6e4",
"status": {
"state": "TASK_STATE_COMPLETED",
"timestamp": "2024-03-15T10:15:00Z"
}
}
],
"totalSize": 5,
"pageSize": 10,
"nextPageToken": ""
}
```
#### Request: All working tasks across all contexts
**Request:**
```http
GET /tasks?status=TASK_STATE_WORKING&pageSize=20 HTTP/1.1
Host: agent.example.com
Authorization: Bearer token
```
**Response:**
```http
HTTP/1.1 200 OK
Content-Type: application/a2a+json
{
"tasks": [
{
"id": "789abc-def0-1234-5678-9abcdef01234",
"contextId": "another-context-id",
"status": {
"state": "TASK_STATE_WORKING",
"message": {
"role": "ROLE_AGENT",
"parts": [
{
"text": "Processing your document analysis..."
}
],
"messageId": "msg-status-update"
},
"timestamp": "2024-03-15T10:20:00Z"
}
}
],
"totalSize": 1,
"pageSize": 20,
"nextPageToken": ""
}
```
#### Pagination Example
**Request:**
```http
GET /tasks?contextId=c295ea44-7543-4f78-b524-7a38915ad6e4&pageSize=10&pageToken=base64-encoded-cursor-token HTTP/1.1
Host: agent.example.com
Authorization: Bearer token
```
**Response:**
```http
HTTP/1.1 200 OK
Content-Type: application/a2a+json
{
"tasks": [
/* ... additional tasks */
],
"totalSize": 15,
"pageSize": 10,
"nextPageToken": "base64-encoded-next-cursor-token"
}
```
#### Validation Error Example
**Request:**
```http
GET /tasks?pageSize=150&historyLength=-5&status=TASK_STATE_RUNNING HTTP/1.1
Host: agent.example.com
Authorization: Bearer token
```
**Response:**
```http
HTTP/1.1 400 Bad Request
Content-Type: application/problem+json
{
"status": 400,
"detail": "Invalid parameters",
"errors": [
{
"field": "pageSize",
"message": "Must be between 1 and 100 inclusive, got 150"
},
{
"field": "historyLength",
"message": "Must be non-negative integer, got -5"
},
{
"field": "status",
"message": "Invalid status value 'running'. Must be one of: pending, working, completed, failed, canceled"
}
]
}
```
### 6.6. Push Notification Setup and Usage
**Scenario:** Client requests a long-running report generation and wants to be notified via webhook when it's done.
**Initial Request with Push Notification Config:**
```http
POST /message:send HTTP/1.1
Host: agent.example.com
Content-Type: application/a2a+json
Authorization: Bearer token
{
"message": {
"role": "ROLE_USER",
"parts": [
{
"text": "Generate the Q1 sales report. This usually takes a while. Notify me when it's ready."
}
],
"messageId": "6dbc13b5-bd57-4c2b-b503-24e381b6c8d6"
},
"configuration": {
"pushNotificationConfig": {
"url": "https://client.example.com/webhook/a2a-notifications",
"token": "secure-client-token-for-task-aaa",
"authentication": {
"schemes": ["Bearer"]
}
}
}
}
```
**Response (Task Submitted):**
```http
HTTP/1.1 200 OK
Content-Type: application/a2a+json
{
"task": {
"id": "43667960-d455-4453-b0cf-1bae4955270d",
"contextId": "c295ea44-7543-4f78-b524-7a38915ad6e4",
"status": {
"state": "submitted",
"timestamp": "2024-03-15T11:00:00Z"
}
}
}
```
**Later: Server POSTs Notification to Webhook:**
```http
POST /webhook/a2a-notifications HTTP/1.1
Host: client.example.com
Authorization: Bearer server-generated-jwt
Content-Type: application/a2a+json
X-A2A-Notification-Token: secure-client-token-for-task-aaa
{
"statusUpdate": {
"taskId": "43667960-d455-4453-b0cf-1bae4955270d",
"contextId": "c295ea44-7543-4f78-b524-7a38915ad6e4",
"status": {
"state": "TASK_STATE_COMPLETED",
"timestamp": "2024-03-15T18:30:00Z"
}
}
}
```
### 6.7. File Exchange (Upload and Download)
**Scenario:** Client sends an image for analysis, and the agent returns a modified image.
**Request with File Upload:**
```http
POST /message:send HTTP/1.1
Host: agent.example.com
Content-Type: application/a2a+json
Authorization: Bearer token
{
"message": {
"role": "ROLE_USER",
"parts": [
{
"text": "Analyze this image and highlight any faces."
},
{
"raw": "iVBORw0KGgoAAAANSUhEUgAAAAUA..."
"filename": "input_image.png",
"mediaType": "image/png",
}
],
"messageId": "6dbc13b5-bd57-4c2b-b503-24e381b6c8d6"
}
}
```
**Response with File Reference:**
```http
HTTP/1.1 200 OK
Content-Type: application/a2a+json
{
"task": {
"id": "43667960-d455-4453-b0cf-1bae4955270d",
"contextId": "c295ea44-7543-4f78-b524-7a38915ad6e4",
"status": {
"state": "TASK_STATE_COMPLETED",
"timestamp": "2024-03-15T12:05:00Z"
},
"artifacts": [
{
"artifactId": "9b6934dd-37e3-4eb1-8766-962efaab63a1",
"name": "processed_image_with_faces.png",
"parts": [
{
"url": "https://storage.example.com/processed/task-bbb/output.png?token=xyz",
"filename": "output.png",
"mediaType": "image/png"
}
]
}
]
}
}
```
### 6.8. Structured Data Exchange
**Scenario:** Client asks for a list of open support tickets in a specific JSON format.
**Request:**
```http
POST /message:send HTTP/1.1
Host: agent.example.com
Content-Type: application/a2a+json
Authorization: Bearer token
{
"message": {
"role": "ROLE_USER",
"parts": [
{
"text": "Show me a list of my open IT tickets",
"metadata": {
"mediaType": "application/json",
"schema": {
"type": "array",
"items": {
"type": "object",
"properties": {
"ticketNumber": { "type": "string" },
"description": { "type": "string" }
}
}
}
}
}
],
"messageId": "85b26db5-ffbb-4278-a5da-a7b09dea1b47"
}
}
```
**Response with Structured Data:**
```http
HTTP/1.1 200 OK
Content-Type: application/a2a+json
{
"task": {
"id": "d8c6243f-5f7a-4f6f-821d-957ce51e856c",
"contextId": "c295ea44-7543-4f78-b524-7a38915ad6e4",
"status": {
"state": "TASK_STATE_COMPLETED",
"timestamp": "2025-04-17T17:47:09.680794Z"
},
"artifacts": [
{
"artifactId": "c5e0382f-b57f-4da7-87d8-b85171fad17c",
"parts": [
{
"text": "[{\"ticketNumber\":\"REQ12312\",\"description\":\"request for VPN access\"},{\"ticketNumber\":\"REQ23422\",\"description\":\"Add to DL - team-gcp-onboarding\"}]"
}
]
}
]
}
}
```
### 6.9. Fetching Authenticated Extended Agent Card
**Scenario:** A client discovers a public Agent Card indicating support for an authenticated extended card and wants to retrieve the full details.
**Step 1: Client fetches the public Agent Card:**
```http
GET /.well-known/agent-card.json HTTP/1.1
Host: example.com
```
**Response includes:**
```json
{
"capabilities": {
"extendedAgentCard": true
},
"securitySchemes": {
"google": {
"openIdConnectSecurityScheme": {
"openIdConnectUrl": "https://accounts.google.com/.well-known/openid-configuration"
}
}
}
}
```
### Step 2: Client obtains credentials (out-of-band OAuth 2.0 flow)
### Step 3: Client fetches authenticated extended Agent Card
```http
GET /extendedAgentCard HTTP/1.1
Host: agent.example.com
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
```
**Response:**
```http
HTTP/1.1 200 OK
Content-Type: application/a2a+json
{
"name": "Extended Agent with Additional Skills",
"skills": [
/* Extended skills available to authenticated users */
]
}
```
## 7. Authentication and Authorization
A2A treats agents as standard enterprise applications, relying on established web security practices. Identity information is handled at the protocol layer, not within A2A semantics.
For a comprehensive guide on enterprise security aspects, see [Enterprise-Ready Features](./topics/enterprise-ready.md).
### 7.1. Protocol Security
Production deployments **MUST** use encrypted communication (HTTPS for HTTP-based bindings, TLS for gRPC). Implementations **SHOULD** use modern TLS configurations (TLS 1.3+ recommended) with strong cipher suites.
### 7.2. Server Identity Verification
A2A Clients **SHOULD** verify the A2A Server's identity by validating its TLS certificate against trusted certificate authorities (CAs) during the TLS handshake.
### 7.3. Client Authentication Process
1. **Discovery of Requirements:** The client discovers the server's required authentication schemes via the `securitySchemes` field in the AgentCard.
2. **Credential Acquisition (Out-of-Band):** The client obtains the necessary credentials through an out-of-band process specific to the required authentication scheme.
3. **Credential Transmission:** The client includes these credentials in protocol-appropriate headers or metadata for every A2A request.
### 7.4. Server Authentication Responsibilities
The A2A Server:
- **MUST** authenticate every incoming request based on the provided credentials and its declared authentication requirements.
- **SHOULD** use appropriate binding-specific error codes for authentication challenges or rejections.
- **SHOULD** provide relevant authentication challenge information with error responses.
### 7.5. Server Authorization Responsibilities
Once authenticated, the A2A Server authorizes requests based on the authenticated identity and its own policies. Authorization logic is implementation-specific and **MAY** consider:
- Specific skills requested
- Actions attempted within tasks
- Data access policies
- OAuth scopes (if applicable)
### 7.6. In-Task Authorization
In the course of performing a task, an agent may require authorization to perform some action. Examples include:
- An agent requiring an OAuth access token to call an API or another agent
- An agent requiring human approval before a destructive action is taken
In the sections below, we refer to the object that represents the approved authorization as a credential.
Agents may have multiple means for retrieving this authorization, such as via directly sending messages to a human.
A2A provides the capability for agents to delegate the fulfillment of this authorization to the client via the `TASK_STATE_AUTH_REQUIRED` Task state. This provides agents a fallback path for requesting authorization by passing the responsibility to the client.
#### 7.6.1 In-Task Authorization Agent Responsibilities
To request that a client fulfills an authorization request, the agent:
1. MUST use a Task to track the operation it is performing
2. MUST transition the TaskState to `TASK_STATE_AUTH_REQUIRED`
3. MUST include a TaskStatus message explaining the required authorization, unless the details of the authorization have been negotiated out-of-band or via an extension
Agents MUST arrange to receive credentials via an out-of-band means, unless an in-band mechanism has been negotiated out-of-band or via an extension.
If the credential is received out-of-band, the agent SHOULD maintain any active response streams with the client after setting the TaskState to `TASK_STATE_AUTH_REQUIRED`. The agent MAY immediately continue Task processing after receiving the credential, without a requirement that clients send a follow-up message.
Agents SHOULD support receiving messages directed to the Task while the Task remains in `TASK_STATE_AUTH_REQUIRED`. This enables clients to negotiate, correct, or reject an authorization request.
#### 7.6.2 In-Task Authorization Client Responsibilities
Upon receiving a Task in `TASK_STATE_AUTH_REQUIRED`, a client is expected to take action in some way to resolve the agent's request for authorization.
A client may:
- Send a response message to the Task to negotiate, correct, or reject the authorization request.
- Contact another human, agent, or service to fulfill the authorization request
- Directly fulfill the authorization request via an out-of-band or extension negotiated means
If the client is itself an A2A agent actively processing a Task, the client may further delegate the authorization request to its client by transitioning its own Task to `TASK_STATE_AUTH_REQUIRED`. The client SHOULD follow all [In-Task Authorization Agent Responsibilities](#761-in-task-authorization-agent-responsibilities). This enables forming a chain of Tasks in `TASK_STATE_AUTH_REQUIRED`.
Clients may not be aware of when the agent receives credentials out-of-band and subsequently continues Task processing. If a client does not have an active response stream open with the agent, the client risks missing Task updates. To avoid this, a client SHOULD perform one of the following:
- Subscribe to a stream of events for the Task using the [Subscribe to Task](#316-subscribe-to-task) operation
- Register a webhook to receive events, if supported by the agent, using the [Create Push Notification Config](#317-create-push-notification-config) operation
- Begin polling the Task using the [Get Task](#313-get-task) operation
#### 7.6.3 In-Task Authorization Security Considerations
Agents SHOULD receive credentials for in-task authorization requests out of band via a secure channel, such as HTTPS. This ensures that credentials are provided directly to the agent.
In-band credential exchange may be negotiated via out-of-band means or by using extensions. In-band credential exchange can allow credentials to be passed across chains of multiple A2A agents, exposing those credentials to each agent participating in the chain.
If using in-band credential exchange, we recommend adhering to the following security practices:
- Credentials SHOULD be bound to the agent which originated the request, such that only this agent is able to use the credentials. This ensures that credentials propagating through a chain of A2A requests are only usable by the requesting agent.
- Credentials containing sensitive information SHOULD be only readable by the agent which originated the request, such as by encrypting the credential.
## 8. Agent Discovery: The Agent Card
### 8.1. Purpose
A2A Servers **MUST** make an Agent Card available. The Agent Card describes the server's identity, capabilities, skills, and interaction requirements. Clients use this information for discovering suitable agents and configuring interactions.
For more on discovery strategies, see the [Agent Discovery guide](./topics/agent-discovery.md).
### 8.2. Discovery Mechanisms
Clients can find Agent Cards through:
- **Well-Known URI:** Accessing `https://{server_domain}/.well-known/agent-card.json` (see [Section 8.6](#86-caching) for caching guidance)
- **Registries/Catalogs:** Querying curated catalogs of agents
- **Direct Configuration:** Pre-configured Agent Card URLs or content
### 8.3. Protocol Declaration Requirements
The AgentCard **MUST** properly declare supported protocols:
#### 8.3.1. Supported Interfaces Declaration
- The `supportedInterfaces` field **SHOULD** declare all supported protocol combinations in preference order
- The first entry in `supportedInterfaces` represents the preferred interface
- Each interface **MUST** accurately declare its transport protocol and URL
- URLs **MAY** be reused if multiple transports are available at the same endpoint
#### 8.3.2. Client Protocol Selection
Clients **MUST** follow these rules:
1. Parse `supportedInterfaces` if present, and select the first supported transport
2. Prefer earlier entries in the ordered list when multiple options are supported
3. Use the correct URL for the selected transport
### 8.4. Agent Card Signing
Agent Cards **MAY** be digitally signed using JSON Web Signature (JWS) as defined in [RFC 7515](https://tools.ietf.org/html/rfc7515) to ensure authenticity and integrity. Signatures allow clients to verify that an Agent Card has not been tampered with and originates from the claimed provider.
#### 8.4.1. Canonicalization Requirements
Before signing, the Agent Card content **MUST** be canonicalized using the JSON Canonicalization Scheme (JCS) as defined in [RFC 8785](https://tools.ietf.org/html/rfc8785). This ensures consistent signature generation and verification across different JSON implementations.
**Canonicalization Rules:**
1. **Field Presence and Default Value Handling**: Before canonicalization, the JSON representation **MUST** respect Protocol Buffer field presence semantics as defined in [Section 5.7](#57-field-presence-and-optionality). This ensures that the canonical form accurately reflects which fields were explicitly provided versus which were omitted, enabling signature verification when Agent Cards are reconstructed:
- **Optional fields not explicitly set**: Fields marked with the `optional` keyword that were not explicitly set **MUST** be omitted from the JSON object
- **Optional fields explicitly set to defaults**: Fields marked with `optional` that were explicitly set to a value (even if that value matches a default) **MUST** be included in the JSON object
- **Required fields**: Fields marked with `REQUIRED` **MUST** always be present, even if the field value matches the default.
- **Default values**: Fields with default values **MUST** be omitted unless the field is marked as `REQUIRED` or has the `optional` keyword.
2. **RFC 8785 Compliance**: The Agent Card JSON **MUST** be canonicalized according to RFC 8785, which specifies:
- Predictable ordering of object properties (lexicographic by key)
- Consistent representation of numbers, strings, and other primitive values
- Removal of insignificant whitespace
3. **Signature Field Exclusion**: The `signatures` field itself **MUST** be excluded from the content being signed to avoid circular dependencies.
**Example of Default Value Removal:**
Original Agent Card fragment:
```json
{
"name": "Example Agent",
"description": "",
"capabilities": {
"streaming": false,
"pushNotifications": false,
"extensions": []
},
"skills": []
}
```
Applying the canonicalization rules:
- `name`: "Example Agent" - REQUIRED field → **include**
- `description`: "" - REQUIRED field → **include**
- `capabilities`: object - REQUIRED field → **include** (after processing children)
- `streaming`: false - optional field, present in JSON (explicitly set) → **include**
- `pushNotifications`: false - optional field, present in JSON (explicitly set) → **include**
- `extensions`: [] - repeated field (not REQUIRED) with empty array → **omit**
- `skills`: [] - REQUIRED field → **include**
After applying RFC 8785:
```json
{"capabilities":{"pushNotifications":false,"streaming":false},"description":"","name":"Example Agent","skills":[]}
```
#### 8.4.2. Signature Format
Signatures use the JSON Web Signature (JWS) format as defined in [RFC 7515](https://tools.ietf.org/html/rfc7515). The [`AgentCardSignature`](#447-agentcardsignature) object represents JWS components using three fields:
- **`protected`** (required, string): Base64url-encoded JSON object containing the JWS Protected Header
- **`signature`** (required, string): Base64url-encoded signature value
- **`header`** (optional, object): JWS Unprotected Header as a JSON object (not base64url-encoded)
**JWS Protected Header Parameters:**
The protected header **MUST** include:
- `alg`: Algorithm used for signing (e.g., "ES256", "RS256")
- `typ`: **SHOULD** be set to "JOSE" for JWS
- `kid`: Key ID for identifying the signing key
The protected header **MAY** include:
- `jku`: URL to JSON Web Key Set (JWKS) containing the public key
**Signature Generation Process:**
1. **Prepare the payload:**
- Remove properties with default values from the Agent Card
- Exclude the `signatures` field
- Canonicalize the resulting JSON using RFC 8785 to produce the canonical payload
2. **Create the protected header:**
- Construct a JSON object with the required header parameters (`alg`, `typ`, `kid`) and any optional parameters (`jku`)
- Serialize the header to JSON
- Base64url-encode the serialized header to produce the `protected` field value
3. **Compute the signature:**
- Construct the JWS Signing Input: `ASCII(BASE64URL(UTF8(JWS Protected Header)) || '.' || BASE64URL(JWS Payload))`
- Sign the JWS Signing Input using the algorithm specified in the `alg` header parameter and the private key
- Base64url-encode the resulting signature bytes to produce the `signature` field value
4. **Assemble the AgentCardSignature:**
- Set `protected` to the base64url-encoded protected header from step 2
- Set `signature` to the base64url-encoded signature value from step 3
- Optionally set `header` to a JSON object containing any unprotected header parameters.
**Example:**
Given a canonical Agent Card payload and signing key, the signature generation produces:
```json
{
"protected": "eyJhbGciOiJFUzI1NiIsInR5cCI6IkpPU0UiLCJraWQiOiJrZXktMSIsImprdSI6Imh0dHBzOi8vZXhhbXBsZS5jb20vYWdlbnQvandrcy5qc29uIn0",
"signature": "QFdkNLNszlGj3z3u0YQGt_T9LixY3qtdQpZmsTdDHDe3fXV9y9-B3m2-XgCpzuhiLt8E0tV6HXoZKHv4GtHgKQ"
}
```
Where the `protected` value decodes to:
```json
{"alg":"ES256","typ":"JOSE","kid":"key-1","jku":"https://example.com/agent/jwks.json"}
```
#### 8.4.3. Signature Verification
Clients verifying Agent Card signatures **MUST**:
1. Extract the signature from the `signatures` array
2. Retrieve the public key using the `kid` and `jku` (or from a trusted key store)
3. Remove properties with default values from the received Agent Card
4. Exclude the `signatures` field
5. Canonicalize the resulting JSON using RFC 8785
6. Verify the signature against the canonicalized payload
**Security Considerations:**
- Clients **SHOULD** verify at least one signature before trusting an Agent Card
- Public keys **SHOULD** be retrieved over secure channels (HTTPS)
- Clients **MAY** maintain a trusted key store for known agent providers
- Expired or revoked keys **MUST NOT** be used for verification
- Multiple signatures **MAY** be present to support key rotation
### 8.5. Sample Agent Card
```json
{
"name": "GeoSpatial Route Planner Agent",
"description": "Provides advanced route planning, traffic analysis, and custom map generation services. This agent can calculate optimal routes, estimate travel times considering real-time traffic, and create personalized maps with points of interest.",
"supportedInterfaces": [
{"url": "https://georoute-agent.example.com/a2a/v1", "protocolBinding": "JSONRPC", "protocolVersion": "1.0"},
{"url": "https://georoute-agent.example.com/a2a/grpc", "protocolBinding": "GRPC", "protocolVersion": "1.0"},
{"url": "https://georoute-agent.example.com/a2a/json", "protocolBinding": "HTTP+JSON", "protocolVersion": "1.0"}
],
"provider": {
"organization": "Example Geo Services Inc.",
"url": "https://www.examplegeoservices.com"
},
"iconUrl": "https://georoute-agent.example.com/icon.png",
"version": "1.2.0",
"documentationUrl": "https://docs.examplegeoservices.com/georoute-agent/api",
"capabilities": {
"streaming": true,
"pushNotifications": true,
"stateTransitionHistory": false,
"extendedAgentCard": true
},
"securitySchemes": {
"google": {
"openIdConnectSecurityScheme": {
"openIdConnectUrl": "https://accounts.google.com/.well-known/openid-configuration"
}
}
},
"security": [{ "google": ["openid", "profile", "email"] }],
"defaultInputModes": ["application/json", "text/plain"],
"defaultOutputModes": ["application/json", "image/png"],
"skills": [
{
"id": "route-optimizer-traffic",
"name": "Traffic-Aware Route Optimizer",
"description": "Calculates the optimal driving route between two or more locations, taking into account real-time traffic conditions, road closures, and user preferences (e.g., avoid tolls, prefer highways).",
"tags": ["maps", "routing", "navigation", "directions", "traffic"],
"examples": [
"Plan a route from '1600 Amphitheatre Parkway, Mountain View, CA' to 'San Francisco International Airport' avoiding tolls.",
"{\"origin\": {\"lat\": 37.422, \"lng\": -122.084}, \"destination\": {\"lat\": 37.7749, \"lng\": -122.4194}, \"preferences\": [\"avoid_ferries\"]}"
],
"inputModes": ["application/json", "text/plain"],
"outputModes": [
"application/json",
"application/vnd.geo+json",
"text/html"
]
},
{
"id": "custom-map-generator",
"name": "Personalized Map Generator",
"description": "Creates custom map images or interactive map views based on user-defined points of interest, routes, and style preferences. Can overlay data layers.",
"tags": ["maps", "customization", "visualization", "cartography"],
"examples": [
"Generate a map of my upcoming road trip with all planned stops highlighted.",
"Show me a map visualizing all coffee shops within a 1-mile radius of my current location."
],
"inputModes": ["application/json"],
"outputModes": [
"image/png",
"image/jpeg",
"application/json",
"text/html"
]
}
],
"signatures": [
{
"protected": "eyJhbGciOiJFUzI1NiIsInR5cCI6IkpPU0UiLCJraWQiOiJrZXktMSIsImprdSI6Imh0dHBzOi8vZXhhbXBsZS5jb20vYWdlbnQvandrcy5qc29uIn0",
"signature": "QFdkNLNszlGj3z3u0YQGt_T9LixY3qtdQpZmsTdDHDe3fXV9y9-B3m2-XgCpzuhiLt8E0tV6HXoZKHv4GtHgKQ"
}
]
}
```
### 8.6. Caching
Agent Card content changes infrequently relative to the frequency at which clients may fetch it. Servers and clients **SHOULD** use standard HTTP caching mechanisms to reduce unnecessary network overhead.
#### 8.6.1. Server Requirements
- Agent Card HTTP endpoints **SHOULD** include a `Cache-Control` response header with a `max-age` directive appropriate for the agent's expected update frequency
- Agent Card HTTP endpoints **SHOULD** include an `ETag` response header derived from the Agent Card's `version` field or a hash of the card content
- Agent Card HTTP endpoints **MAY** include a `Last-Modified` response header
#### 8.6.2. Client Requirements
- Clients **SHOULD** honor HTTP caching semantics as defined in [RFC 9111](https://www.rfc-editor.org/rfc/rfc9111) when fetching Agent Cards
- When a cached Agent Card has expired, clients **SHOULD** use conditional requests (`If-None-Match` with the stored `ETag`, or `If-Modified-Since`) to avoid re-downloading unchanged cards
- When the server does not include caching headers, clients **MAY** apply an implementation-specific default cache duration
## 9. JSON-RPC Protocol Binding
The JSON-RPC protocol binding provides a simple, HTTP-based interface using JSON-RPC 2.0 for method calls and Server-Sent Events for streaming.
### 9.1. Protocol Requirements
- **Protocol:** JSON-RPC 2.0 over HTTP(S)
- **Content-Type:** `application/json` for requests and responses
- **Method Naming:** PascalCase method names matching gRPC conventions (e.g., `SendMessage`, `GetTask`)
- **Streaming:** Server-Sent Events (`text/event-stream`)
### 9.2. Service Parameter Transmission
A2A service parameters defined in [Section 3.2.6](#326-service-parameters) **MUST** be transmitted using standard HTTP request headers, as JSON-RPC 2.0 operates over HTTP(S).
**Service Parameter Requirements:**
- Service parameter names **MUST** be transmitted as HTTP header fields
- Service parameter keys are case-insensitive per HTTP specification (RFC 7230)
- Multiple values for the same service parameter (e.g., `A2A-Extensions`) **SHOULD** be comma-separated in a single header field
**Example Request with A2A Service Parameters:**
```http
POST /rpc HTTP/1.1
Host: agent.example.com
Content-Type: application/json
Authorization: Bearer token
A2A-Version: 0.3
A2A-Extensions: https://example.com/extensions/geolocation/v1,https://standards.org/extensions/citations/v1
{
"jsonrpc": "2.0",
"id": 1,
"method": "SendMessage",
"params": { /* SendMessageRequest */ }
}
```
### 9.3. Base Request Structure
All JSON-RPC requests **MUST** follow the standard JSON-RPC 2.0 format:
```json
{
"jsonrpc": "2.0",
"id": "unique-request-id",
"method": "category/action",
"params": { /* method-specific parameters */ }
}
```
### 9.4. Core Methods
#### 9.4.1. `SendMessage`
Sends a message to initiate or continue a task.
**Request:**
```json
{
"jsonrpc": "2.0",
"id": 1,
"method": "SendMessage",
"params": { /* SendMessageRequest object */ }
}
```
**Referenced Objects:** [`SendMessageRequest`](#321-sendmessagerequest), [`Message`](#414-message)
**Response:**
```json
{
"jsonrpc": "2.0",
"id": 1,
"result": {
/* SendMessageResponse object, contains one of:
* "task": { Task object }
* "message": { Message object }
*/
}
```
**Referenced Objects:** [`Task`](#411-task), [`Message`](#414-message)
#### 9.4.2. `SendStreamingMessage`
Sends a message and subscribes to real-time updates via Server-Sent Events.
**Request:** Same as `SendMessage`
**Response:** HTTP 200 with `Content-Type: text/event-stream`
```text
data: {"jsonrpc": "2.0", "id": 1, "result": { /* StreamResponse object */ }}
data: {"jsonrpc": "2.0", "id": 1, "result": { /* StreamResponse object */ }}
```
**Referenced Objects:** [`StreamResponse`](#323-stream-response)
#### 9.4.3. `GetTask`
Retrieves the current state of a task.
**Request:**
```json
{
"jsonrpc": "2.0",
"id": 2,
"method": "GetTask",
"params": {
"id": "task-uuid",
"historyLength": 10
}
}
```
#### 9.4.4. `ListTasks`
Lists tasks with optional filtering and pagination.
**Request:**
```json
{
"jsonrpc": "2.0",
"id": 3,
"method": "ListTasks",
"params": {
"contextId": "context-uuid",
"status": "TASK_STATE_WORKING",
"pageSize": 50,
"pageToken": "cursor-token"
}
}
```
#### 9.4.5. `CancelTask`
Cancels an ongoing task.
**Request:**
```json
{
"jsonrpc": "2.0",
"id": 4,
"method": "CancelTask",
"params": {
"id": "task-uuid"
}
}
```
#### 9.4.6. `SubscribeToTask`
Subscribes to a task stream for receiving updates on a task that is not in a terminal state.
**Request:**
```json
{
"jsonrpc": "2.0",
"id": 5,
"method": "SubscribeToTask",
"params": {
"id": "task-uuid"
}
}
```
**Response:** SSE stream (same format as `SendStreamingMessage`)
**Error:** Returns `UnsupportedOperationError` if the task is in a terminal state (`completed`, `failed`, `canceled`, or `rejected`).
#### 9.4.7. Push Notification Configuration Methods
- `CreateTaskPushNotificationConfig` - Create push notification configuration
- `GetTaskPushNotificationConfig` - Get push notification configuration
- `ListTaskPushNotificationConfigs` - List push notification configurations
- `DeleteTaskPushNotificationConfig` - Delete push notification configuration
#### 9.4.8. `GetExtendedAgentCard`
Retrieves an extended Agent Card.
**Request:**
```json
{
"jsonrpc": "2.0",
"id": 6,
"method": "GetExtendedAgentCard"
}
```
### 9.5. Error Handling
JSON-RPC error responses use the standard [JSON-RPC 2.0 error object](https://www.jsonrpc.org/specification#error_object) structure, which maps to the generic A2A error model defined in [Section 3.3.2](#332-error-handling) as follows:
- **Error Code**: Mapped to `error.code` (numeric JSON-RPC error code)
- **Error Message**: Mapped to `error.message` (human-readable string)
- **Error Details**: Mapped to `error.data` (array containing `google.protobuf.Any` messages, using ProtoJSON representation)
**Standard JSON-RPC Error Codes:**
| JSON-RPC Error Code | Error Name | Standard Message | Description |
| :------------------ | :-------------------- | :--------------------------------- | :------------------------------------------------------ |
| `-32700` | `JSONParseError` | "Invalid JSON payload" | The server received invalid JSON |
| `-32600` | `InvalidRequestError` | "Request payload validation error" | The JSON sent is not a valid Request object |
| `-32601` | `MethodNotFoundError` | "Method not found" | The requested method does not exist or is not available |
| `-32602` | `InvalidParamsError` | "Invalid parameters" | The method parameters are invalid |
| `-32603` | `InternalError` | "Internal error" | An internal error occurred on the server |
**A2A-Specific Error Codes:**
A2A-specific errors use codes in the range `-32001` to `-32099`. For the complete mapping of A2A error types to JSON-RPC error codes, see [Section 5.4 (Error Code Mappings)](#54-error-code-mappings).
**A2A Error Representation:**
For A2A-specific errors, implementations **MUST** include a `google.rpc.ErrorInfo` message in the `data` array with:
- `@type`: Set to `"type.googleapis.com/google.rpc.ErrorInfo"`
- `reason`: The A2A error type in UPPER_SNAKE_CASE without the "Error" suffix (e.g., `TASK_NOT_FOUND`)
- `domain`: Set to `"a2a-protocol.org"`
- `metadata`: Optional map of additional error context
Additional error context **MAY** be included in the `data` array.
**Error Response Structure:**
```json
{
"jsonrpc": "2.0",
"id": 1,
"error": {
"code": -32601,
"message": "Method not found",
"data": {
"method": "invalid/method"
}
}
}
```
**Example A2A-Specific Error Response:**
```json
{
"jsonrpc": "2.0",
"id": 2,
"error": {
"code": -32001,
"message": "Task not found",
"data": [
{
"@type": "type.googleapis.com/google.rpc.ErrorInfo",
"reason": "TASK_NOT_FOUND",
"domain": "a2a-protocol.org",
"metadata": {
"taskId": "nonexistent-task-id",
"timestamp": "2025-11-09T10:30:00.000Z"
}
}
]
}
}
```
## 10. gRPC Protocol Binding
The gRPC Protocol Binding provides a high-performance, strongly-typed interface using Protocol Buffers over HTTP/2. The gRPC Protocol Binding leverages the [API guidelines](https://google.aip.dev/general) to simplify gRPC to HTTP mapping.
### 10.1. Protocol Requirements
- **Protocol:** gRPC over HTTP/2 with TLS
- **Definition:** Use the normative Protocol Buffers definition in `specification/a2a.proto`
- **Serialization:** Protocol Buffers version 3
- **Service:** Implement the `A2AService` gRPC service
### 10.2. Service Parameter Transmission
A2A service parameters defined in [Section 3.2.6](#326-service-parameters) **MUST** be transmitted using gRPC metadata (headers).
**Service Parameter Requirements:**
- Service parameter names **MUST** be transmitted as gRPC metadata keys
- Metadata keys are case-insensitive and automatically converted to lowercase by gRPC
- Multiple values for the same service parameter (e.g., `A2A-Extensions`) **SHOULD** be comma-separated in a single metadata entry
**Example gRPC Request with A2A Service Parameters:**
```go
// Go example using gRPC metadata
md := metadata.Pairs(
"authorization", "Bearer token",
"a2a-version", "0.3",
"a2a-extensions", "https://example.com/extensions/geolocation/v1,https://standards.org/extensions/citations/v1",
)
ctx := metadata.NewOutgoingContext(context.Background(), md)
// Make the RPC call with the context containing metadata
response, err := client.SendMessage(ctx, request)
```
**Metadata Handling:**
- Implementations **MUST** extract A2A service parameters from gRPC metadata for processing
- Servers **SHOULD** validate required service parameters (e.g., `A2A-Version`) from metadata
- Service parameter keys in metadata are normalized to lowercase per gRPC conventions
### 10.3. Service Definition
{{ proto_service_to_table("A2AService") }}
### 10.4. Core Methods
#### 10.4.1. SendMessage
Sends a message to an agent.
**Request:**
{{ proto_to_table("SendMessageRequest") }}
**Response:**
{{ proto_to_table("SendMessageResponse") }}
#### 10.4.2. SendStreamingMessage
Sends a message with streaming updates.
**Request:**
{{ proto_to_table("SendMessageRequest") }}
**Response:** Server streaming [`StreamResponse`](#stream-response) objects.
#### 10.4.3. GetTask
Retrieves task status.
**Request:**
{{ proto_to_table("GetTaskRequest") }}
**Response:** See [`Task`](#411-task) object definition.
#### 10.4.4. ListTasks
Lists tasks with filtering.
**Request:**
{{ proto_to_table("ListTasksRequest") }}
**Response:**
{{ proto_to_table("ListTasksResponse") }}
#### 10.4.5. CancelTask
Cancels a running task.
**Request:**
{{ proto_to_table("CancelTaskRequest") }}
**Response:** See [`Task`](#411-task) object definition.
#### 10.4.6. SubscribeToTask
Subscribe to task updates via streaming. Returns `UnsupportedOperationError` if the task is in a terminal state.
**Request:**
{{ proto_to_table("SubscribeToTaskRequest") }}
**Response:** Server streaming [`StreamResponse`](#stream-response) objects.
#### 10.4.7. CreateTaskPushNotificationConfig
Creates a push notification configuration for a task.
**Request:**
{{ proto_to_table("CreateTaskPushNotificationConfigRequest") }}
**Response:** See [`PushNotificationConfig`](#431-pushnotificationconfig) object definition.
#### 10.4.8. GetTaskPushNotificationConfig
Retrieves an existing push notification configuration for a task.
**Request:**
{{ proto_to_table("GetTaskPushNotificationConfigRequest") }}
**Response:** See [`PushNotificationConfig`](#431-pushnotificationconfig) object definition.
#### 10.4.9. ListTaskPushNotificationConfigs
Lists all push notification configurations for a task.
**Request:**
{{ proto_to_table("ListTaskPushNotificationConfigsRequest") }}
**Response:**
{{ proto_to_table("ListTaskPushNotificationConfigsResponse") }}
#### 10.4.10. DeleteTaskPushNotificationConfig
Removes a push notification configuration for a task.
**Request:**
{{ proto_to_table("DeleteTaskPushNotificationConfigRequest") }}
**Response:** `google.protobuf.Empty`
#### 10.4.11. GetExtendedAgentCard
Retrieves the agent's extended capability card after authentication.
**Request:**
{{ proto_to_table("GetExtendedAgentCardRequest") }}
**Response:** See [`AgentCard`](#441-agentcard) object definition.
### 10.5. gRPC-Specific Data Types
#### 10.5.1. TaskPushNotificationConfig
Resource wrapper for push notification configurations. This is a gRPC-specific type used in resource-oriented operations to provide the full resource name along with the configuration data.
{{ proto_to_table("TaskPushNotificationConfig") }}
**Fields:**
{{ proto_to_table("TaskPushNotificationConfig") }}
### 10.6. Error Handling
gRPC error responses use the standard [gRPC status](https://grpc.io/docs/guides/error/) structure with [google.rpc.Status](https://github.com/googleapis/googleapis/blob/master/google/rpc/status.proto), which maps to the generic A2A error model defined in [Section 3.3.2](#332-error-handling) as follows:
- **Error Code**: Mapped to `status.code` (gRPC status code enum)
- **Error Message**: Mapped to `status.message` (human-readable string)
- **Error Details**: Mapped to `status.details` (repeated google.protobuf.Any messages)
**A2A Error Representation:**
For A2A-specific errors, implementations **MUST** include a `google.rpc.ErrorInfo` message in the `status.details` array with:
- `reason`: The A2A error type in UPPER_SNAKE_CASE without the "Error" suffix (e.g., `TASK_NOT_FOUND`)
- `domain`: Set to `"a2a-protocol.org"`
- `metadata`: Optional map of additional error context
For the complete mapping of A2A error types to gRPC status codes, see [Section 5.4 (Error Code Mappings)](#54-error-code-mappings).
**Error Response Example:**
```proto
// Standard gRPC invalid argument error
status {
code: INVALID_ARGUMENT
message: "Invalid request parameters"
details: [
{
type: "type.googleapis.com/google.rpc.BadRequest"
field_violations: [
{
field: "message.parts"
description: "At least one part is required"
}
]
}
]
}
```
**Example A2A-Specific Error Response:**
```proto
// A2A-specific task not found error
status {
code: NOT_FOUND
message: "Task with ID 'task-123' not found"
details: [
{
type: "type.googleapis.com/google.rpc.ErrorInfo"
reason: "TASK_NOT_FOUND"
domain: "a2a-protocol.org"
metadata: {
task_id: "task-123"
timestamp: "2025-11-09T10:30:00Z"
}
}
]
}
```
### 10.7. Streaming
gRPC streaming uses server streaming RPCs for real-time updates. The `StreamResponse` message provides a union of possible streaming events:
{{ proto_to_table("StreamResponse") }}
## 11. HTTP+JSON/REST Protocol Binding
The HTTP+JSON protocol binding provides a RESTful interface using standard HTTP methods and JSON payloads.
### 11.1. Protocol Requirements
- **Protocol:** HTTP(S) with JSON payloads
- **Content-Type:** `application/json` for requests and responses
- **Methods:** Standard HTTP verbs (GET, POST, PUT, DELETE)
- **URL Patterns:** RESTful resource-based URLs
- **Streaming:** Server-Sent Events for real-time updates
### 11.2. Service Parameter Transmission
A2A service parameters defined in [Section 3.2.6](#326-service-parameters) **MUST** be transmitted using standard HTTP request headers.
**Service Parameter Requirements:**
- Service parameter names **MUST** be transmitted as HTTP header fields
- Service parameter keys are case-insensitive per HTTP specification (RFC 9110)
- Multiple values for the same service parameter (e.g., `A2A-Extensions`) **SHOULD** be comma-separated in a single header field
**Example Request with A2A Service Parameters:**
```http
POST /message:send HTTP/1.1
Host: agent.example.com
Content-Type: application/json
Authorization: Bearer token
A2A-Version: 0.3
A2A-Extensions: https://example.com/extensions/geolocation/v1,https://standards.org/extensions/citations/v1
{
"message": {
"role": "ROLE_USER",
"parts": [{"text": "Find restaurants near me"}]
}
}
```
### 11.3. URL Patterns and HTTP Methods
#### 11.3.1. Message Operations
- `POST /message:send` - Send message
- `POST /message:stream` - Send message with streaming (SSE response)
#### 11.3.2. Task Operations
- `GET /tasks/{id}` - Get task status
- `GET /tasks` - List tasks (with query parameters)
- `POST /tasks/{id}:cancel` - Cancel task
- `POST /tasks/{id}:subscribe` - Subscribe to task updates (SSE response, returns error for terminal tasks)
#### 11.3.3. Push Notification Configuration
- `POST /tasks/{id}/pushNotificationConfigs` - Create configuration
- `GET /tasks/{id}/pushNotificationConfigs/{configId}` - Get configuration
- `GET /tasks/{id}/pushNotificationConfigs` - List configurations
- `DELETE /tasks/{id}/pushNotificationConfigs/{configId}` - Delete configuration
#### 11.3.4. Agent Card
- `GET /extendedAgentCard` - Get authenticated extended Agent Card
### 11.4. Request/Response Format
All requests and responses use JSON objects structurally equivalent to the Protocol Buffer definitions.
**Example Send Message:**
```http
POST /message:send
Content-Type: application/json
{
"message": {
"messageId": "uuid",
"role": "ROLE_USER",
"parts": [{"text": "Hello"}]
},
"configuration": {
"acceptedOutputModes": ["text/plain"]
}
}
```
**Referenced Objects:** [`SendMessageRequest`](#321-sendmessagerequest), [`Message`](#414-message)
**Response:**
```http
HTTP/1.1 200 OK
Content-Type: application/json
{
"task": {
"id": "task-uuid",
"contextId": "context-uuid",
"status": {
"state": "TASK_STATE_COMPLETED"
}
}
}
```
**Referenced Objects:** [`Task`](#411-task)
### 11.5. Query Parameter Naming for Request Parameters
HTTP methods that do not support request bodies (GET, DELETE) **MUST** transmit operation request parameters as path parameters or query parameters. This section defines how to map Protocol Buffer field names to query parameter names.
**Naming Convention:**
Query parameter names **MUST** use `camelCase` to match the JSON serialization of Protocol Buffer field names. This ensures consistency with request bodies used in POST operations.
**Example Mappings:**
| Protocol Buffer Field | Query Parameter Name | Example Usage |
| --------------------- | -------------------- | ------------------- |
| `context_id` | `contextId` | `?contextId=uuid` |
| `page_size` | `pageSize` | `?pageSize=50` |
| `page_token` | `pageToken` | `?pageToken=cursor` |
| `task_id` | `taskId` | `?taskId=uuid` |
**Usage Examples:**
List tasks with filtering:
```http
GET /tasks?contextId=uuid&status=working&pageSize=50&pageToken=cursor
```
Get task with history:
```http
GET /tasks/{id}?historyLength=10
```
**Field Type Handling:**
- **Strings**: Passed directly as query parameter values
- **Booleans**: Represented as lowercase strings (`true`, `false`)
- **Numbers**: Represented as decimal strings
- **Enums**: Represented using their string values (e.g., `status=working`)
- **Repeated Fields**: Multiple values **MAY** be passed by repeating the parameter name (e.g., `?tag=value1&tag=value2`) or as comma-separated values (e.g., `?tag=value1,value2`)
- **Nested Objects**: Not supported in query parameters; operations requiring nested objects **MUST** use POST with a request body
- **Datetimes/Timestamps**: Represented as ISO 8601 strings (e.g., `2025-11-09T10:30:00Z`)
**URL Encoding:**
All query parameter values **MUST** be properly URL-encoded per [RFC 3986](https://www.rfc-editor.org/rfc/rfc3986.html).
### 11.6. Error Handling
HTTP error responses use the representation specified in [AIP-193](https://google.aip.dev/193#http11json-representation) which maps to the generic A2A error model defined in [Section 3.3.2](#332-error-handling) as follows:
- **Error Code**: Mapped to the HTTP status code and the `error.code` field
- **Error Message**: Mapped to the `error.message` field (human-readable string)
- **Error Details**: Mapped to the `error.details` array (containing `google.protobuf.Any` messages)
**A2A Error Representation:**
For A2A-specific errors, implementations **MUST** include a `google.rpc.ErrorInfo` message in the `details` array with:
- `@type`: Set to `"type.googleapis.com/google.rpc.ErrorInfo"`
- `reason`: The A2A error type in UPPER_SNAKE_CASE without the "Error" suffix (e.g., `TASK_NOT_FOUND`)
- `domain`: Set to `"a2a-protocol.org"`
- `metadata`: Optional map of additional error context
For the complete mapping of A2A error types to HTTP status codes, see [Section 5.4 (Error Code Mappings)](#54-error-code-mappings). Additional error context **MAY** be included in the `details` array of the Status object.
**Error Response Example:**
```http
HTTP/1.1 404 Not Found
Content-Type: application/json
{
"error": {
"code": 404,
"status": "NOT_FOUND",
"message": "The specified task ID does not exist or is not accessible",
"details": [
{
"@type": "type.googleapis.com/google.rpc.ErrorInfo",
"reason": "TASK_NOT_FOUND",
"domain": "a2a-protocol.org",
"metadata": {
"taskId": "task-123",
"timestamp": "2025-11-09T10:30:00.000Z"
}
}
]
}
}
```
Extension fields like `taskId` and `timestamp` provide additional context to help diagnose the error.
### 11.7. Streaming
REST streaming uses Server-Sent Events with the `data` field containing JSON serializations of the protocol data objects:
```http
POST /message:stream
Content-Type: application/json
{ /* SendMessageRequest object */ }
```
**Referenced Objects:** [`SendMessageRequest`](#321-sendmessagerequest)
**Response:**
```http
HTTP/1.1 200 OK
Content-Type: text/event-stream
data: { /* StreamResponse object */ }
data: { /* StreamResponse object */ }
```
**Referenced Objects:** [`StreamResponse`](#323-stream-response)
Streaming responses are simple, linearly ordered sequences: first a `Task` (or single `Message`), then zero or more status or artifact update events until the task reaches a terminal or interrupted state, at which point the stream closes. Implementations SHOULD avoid re-ordering events and MAY optionally resend a final `Task` snapshot before closing.
## 12. Custom Binding Guidelines
While the A2A protocol provides three standard bindings (JSON-RPC, gRPC, and HTTP+JSON/REST), implementers **MAY** create custom protocol bindings to support additional transport mechanisms or communication patterns. Custom bindings **MUST** comply with all requirements defined in [Section 5 (Protocol Binding Requirements and Interoperability)](#5-protocol-binding-requirements-and-interoperability). This section provides additional guidelines specific to developing custom bindings.
### 12.1. Binding Requirements
Custom protocol bindings **MUST**:
1. **Implement All Core Operations**: Support all operations defined in [Section 3 (A2A Protocol Operations)](#3-a2a-protocol-operations)
2. **Preserve Data Model**: Use data structures functionally equivalent to those defined in [Section 4 (Protocol Data Model)](#4-protocol-data-model)
3. **Maintain Semantics**: Ensure operations behave consistently with the abstract operation definitions
4. **Document Completely**: Provide comprehensive documentation of the binding specification
### 12.2. Data Type Mappings
Custom bindings **MUST** provide clear mappings for:
- **Protocol Buffer Types**: Define how each Protocol Buffer message type is represented
- **Timestamps**: Follow the conventions in [Section 5.6.1 (Timestamps)](#561-timestamps)
- **Binary Data**: Specify encoding for binary content (e.g., base64 for text-based protocols)
- **Enumerations**: Define representation of enum values (e.g., strings, integers)
### 12.3. Service Parameter Transmission
As specified in [Section 3.2.6 (Service Parameters)](#326-service-parameters), custom protocol bindings **MUST** document how service parameters are transmitted. The binding specification **MUST** address:
1. **Transmission Mechanism**: The protocol-specific method for transmitting service parameter key-value pairs
2. **Value Constraints**: Any limitations on service parameter values (e.g., character encoding, size limits)
3. **Reserved Names**: Any service parameter names reserved by the binding itself
4. **Fallback Strategy**: What happens when the protocol lacks native header support (e.g., passing service parameters in metadata)
**Example Documentation Requirements:**
- **For native header support**: "Service parameters are transmitted using HTTP request headers. Service parameter keys are case-insensitive and must conform to RFC 7230. Service parameter values must be UTF-8 strings."
- **For protocols without headers**: "Service parameters are serialized as a JSON object and transmitted in the request metadata field `a2a-service-parameters`."
### 12.4. Error Mapping
Custom bindings **MUST**:
1. **Map Standard Errors**: Provide mappings for all A2A-specific error types defined in [Section 3.2.2 (Error Handling)](#332-error-handling)
2. **Preserve Error Information**: Ensure error details are accessible to clients
3. **Use Appropriate Codes**: Map to protocol-native error codes where applicable
4. **Document Error Format**: Specify the structure of error responses
### 12.5. Streaming Support
If the binding supports streaming operations:
1. **Define Stream Mechanism**: Document how streaming is implemented (e.g., WebSockets, long-polling, chunked encoding)
2. **Event Ordering**: Specify ordering guarantees for streaming events
3. **Reconnection**: Define behavior for connection interruption and resumption
4. **Stream Termination**: Specify how stream completion is signaled
If streaming is not supported, the binding **MUST** clearly document this limitation in the Agent Card.
### 12.6. Authentication and Authorization
Custom bindings **MUST**:
1. **Support Standard Schemes**: Implement authentication schemes declared in the Agent Card
2. **Document Integration**: Specify how credentials are transmitted in the protocol
3. **Handle Challenges**: Define how authentication challenges are communicated
4. **Maintain Security**: Follow security best practices for the transport protocol
### 12.7. Agent Card Declaration
Custom bindings **MUST** be declared in the Agent Card:
1. **Transport Identifier**: Use a clear, descriptive transport name
2. **Endpoint URL**: Provide the full URL where the binding is available
3. **Documentation Link**: Include a URL to the complete binding specification
**Example:**
```json
{
"supportedInterfaces": [
{
"url": "wss://agent.example.com/a2a/websocket",
"protocolBinding": "WEBSOCKET"
}
]
}
```
### 12.8. Interoperability Testing
Custom binding implementers **SHOULD**:
1. **Test Against Reference**: Verify behavior matches standard bindings
2. **Document Differences**: Clearly note any deviations from standard binding behavior
3. **Provide Examples**: Include sample requests and responses
4. **Test Edge Cases**: Verify handling of error conditions, large payloads, and long-running tasks
## 13. Security Considerations
This section consolidates security guidance and best practices for implementing and operating A2A agents. For additional enterprise security considerations, see [Enterprise-Ready Features](./topics/enterprise-ready.md).
### 13.1. Data Access and Authorization Scoping
Implementations **MUST** ensure appropriate scope limitation based on the authenticated caller's authorization boundaries. This applies to all operations that access or list tasks and other resources.
**Authorization Principles:**
- Servers **MUST** implement authorization checks on every [A2A Protocol Operations](#3-a2a-protocol-operations) request
- Implementations **MUST** scope results to the caller's authorized access boundaries as defined by the agent's authorization model
- Even when `contextId` or other filter parameters are not specified in requests, implementations **MUST** scope results to the caller's authorized access boundaries
- Authorization models are agent-defined and **MAY** be based on:
- User identity (user-based authorization)
- Organizational roles or groups (role-based authorization)
- Project or workspace membership (project-based authorization)
- Organizational or tenant boundaries (multi-tenant authorization)
- Custom authorization logic specific to the agent's domain
**Operations Requiring Scope Limitation:**
- [`List Tasks`](#314-list-tasks): **MUST** only return tasks visible to the authenticated client according to the agent's authorization model
- [`Get Task`](#313-get-task): **MUST** verify the authenticated client has access to the requested task according to the agent's authorization model
- Task-related operations (Cancel, Subscribe, Push Notification Config): **MUST** verify the client has appropriate access rights according to the agent's authorization model
**Implementation Requirements:**
- Authorization boundaries are defined by each agent's authorization model, not prescribed by the protocol
- Authorization checks **MUST** occur before any database queries or operations that could leak information about the existence of resources outside the caller's authorization scope
- Agents **SHOULD** document their authorization model and access control policies
See also: [Section 3.1.4 List Tasks (Security Note)](#314-list-tasks) for operation-specific requirements.
### 13.2. Push Notification Security
When implementing push notifications, both agents (as webhook callers) and clients (as webhook receivers) have security responsibilities.
**Agent (Webhook Caller) Requirements:**
- Agents **MUST** include authentication credentials in webhook requests as specified in [`PushNotificationConfig.authentication`](#432-authenticationinfo)
- Agents **SHOULD** implement reasonable timeout values for webhook requests (recommended: 10-30 seconds)
- Agents **SHOULD** implement retry logic with exponential backoff for failed deliveries
- Agents **MAY** stop attempting delivery after a configured number of consecutive failures
- Agents **SHOULD** validate webhook URLs to prevent SSRF (Server-Side Request Forgery) attacks:
- Reject private IP ranges (127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16)
- Reject localhost and link-local addresses
- Implement URL allowlists where appropriate
**Client (Webhook Receiver) Requirements:**
- Clients **MUST** validate webhook authenticity using the provided authentication credentials
- Clients **SHOULD** verify the task ID in the payload matches an expected task they created
- Clients **MUST** respond with HTTP 2xx status codes to acknowledge successful receipt
- Clients **SHOULD** process notifications idempotently, as duplicate deliveries may occur
- Clients **SHOULD** implement rate limiting to prevent webhook flooding
- Clients **SHOULD** use HTTPS endpoints for webhook URLs to ensure confidentiality
**Configuration Security:**
- Webhook URLs **SHOULD** use HTTPS to protect payload confidentiality in transit
- Authentication tokens in [`PushNotificationConfig`](#431-pushnotificationconfig) **SHOULD** be treated as secrets and rotated periodically
- Agents **SHOULD** securely store push notification configurations and credentials
- Clients **SHOULD** use unique, single-purpose tokens for each push notification configuration
See also: [Section 4.3 Push Notification Objects](#43-push-notification-objects) and [Section 4.3.3 Push Notification Payload](#433-push-notification-payload).
### 13.3. Extended Agent Card Access Control
The extended Agent Card feature allows agents to provide additional capabilities or information to authenticated clients beyond what is available in the public Agent Card.
**Access Control Requirements:**
- The [`Get Extended Agent Card`](#3111-get-extended-agent-card) operation **MUST** require authentication
- Agents **MUST** authenticate requests using one of the schemes declared in the public `AgentCard.securitySchemes` and `AgentCard.security` fields
- Agents **MAY** return different extended card content based on the authenticated client's identity or authorization level
- Agents **SHOULD** implement appropriate caching headers to control client-side caching of extended cards
**Capability-Based Access:**
- Extended cards **MAY** include additional skills not present in the public card
- Extended cards **MAY** expose more detailed capability information (e.g., rate limits, quotas)
- Extended cards **MAY** include organization-specific or user-specific configuration
- Agents **SHOULD** document which capabilities are available at different authentication levels
**Security Considerations:**
- Extended cards **SHOULD NOT** include sensitive information that could be exploited if leaked (e.g., internal service URLs, unmasked credentials)
- Agents **MUST** validate that clients have appropriate permissions before returning privileged information in extended cards
- Clients retrieving extended cards **SHOULD** replace their cached public Agent Card with the extended version for the duration of their authenticated session
- Agents **SHOULD** version extended cards appropriately and honor client cache invalidation
**Availability Declaration:**
- Agents declare extended card support via `AgentCard.capabilities.extendedAgentCard`
- When `capabilities.extendedAgentCard` is `false` or not present, the operation **MUST** return [`UnsupportedOperationError`](#332-error-handling)
- When support is declared but no extended card is configured, the operation **MUST** return [`ExtendedAgentCardNotConfiguredError`](#332-error-handling)
See also: [Section 3.1.11 Get Extended Agent Card](#3111-get-extended-agent-card) and [Section 3.3.4 Capability Validation](#334-capability-validation).
### 13.4. General Security Best Practices
**Transport Security:**
- Production deployments **MUST** use encrypted communication (HTTPS for HTTP-based bindings, TLS for gRPC)
- Implementations **SHOULD** use modern TLS configurations (TLS 1.3+ recommended) with strong cipher suites
- Agents **SHOULD** enforce HSTS (HTTP Strict Transport Security) headers when using HTTP-based bindings
- Implementations **SHOULD** disable support for deprecated SSL/TLS versions (SSLv3, TLS 1.0, TLS 1.1)
**Input Validation:**
- Agents **MUST** validate all input parameters before processing
- Agents **SHOULD** implement appropriate limits on message sizes, file sizes, and request complexity
- Agents **SHOULD** sanitize or validate file content types and reject unexpected media types
**Credential Management:**
- API keys, tokens, and other credentials **MUST** be treated as secrets
- Credentials **SHOULD** be rotated periodically
- Credentials **SHOULD** be transmitted only over encrypted connections
- Agents **SHOULD** implement credential revocation mechanisms
- Agents **SHOULD** log authentication failures and implement rate limiting to prevent brute-force attacks
**Audit and Monitoring:**
- Agents **SHOULD** log security-relevant events (authentication failures, authorization denials, suspicious requests)
- Agents **SHOULD** implement monitoring for unusual patterns (rapid task creation, excessive cancellations)
- Agents **SHOULD** provide audit trails for sensitive operations
- Logs **MUST NOT** include sensitive information (credentials, personal data) unless required and properly protected
**Rate Limiting and Abuse Prevention:**
- Agents **SHOULD** implement rate limiting on all operations
- Agents **SHOULD** return appropriate error responses when rate limits are exceeded
- Agents **MAY** implement different rate limits for different operations or user tiers
**Data Privacy:**
- Agents **MUST** comply with applicable data protection regulations
- Agents **SHOULD** provide mechanisms for users to request deletion of their data
- Agents **SHOULD** implement appropriate data retention policies
- Agents **SHOULD** minimize logging of sensitive or personal information
**Custom Binding Security:**
- Custom protocol bindings **MUST** address security considerations in their specification
- Custom bindings **SHOULD** follow the same security principles as standard bindings
- Custom bindings **MUST** document authentication integration and credential transmission
See also: [Section 12.6 Authentication and Authorization (Custom Bindings)](#126-authentication-and-authorization).
## 14. IANA Considerations
This section provides registration templates for the A2A protocol's media type, HTTP headers, and well-known URI, intended for submission to the Internet Assigned Numbers Authority (IANA).
### 14.1. Media Type Registration
#### 14.1.1. application/a2a+json
**Type name:** `application`
**Subtype name:** `a2a+json`
**Required parameters:** None
**Optional parameters:**
- None
**Encoding considerations:** Binary (UTF-8 encoding MUST be used for JSON text)
**Security considerations:**
This media type shares security considerations common to all JSON-based formats as described in RFC 8259, Section 12. Additionally:
- Content MUST be validated against the A2A protocol schema before processing
- Implementations MUST sanitize user-provided content to prevent injection attacks
- File references within A2A messages MUST be validated to prevent server-side request forgery (SSRF)
- Authentication and authorization MUST be enforced as specified in Section 7 of the A2A specification
- Sensitive information in task history and artifacts MUST be protected according to applicable data protection regulations
**Interoperability considerations:**
The A2A protocol supports multiple protocol bindings. This media type is intended for the HTTP+JSON/REST binding.
**Published specification:**
Agent2Agent (A2A) Protocol Specification, available at:
{width="80%"}
_An agentic application might use A2A to communicate with other agents, while each agent internally uses MCP to interact with its specific tools and resources._
### Example Scenario: The Auto Repair Shop
Consider an auto repair shop staffed by autonomous AI agent "mechanics".
These mechanics use special-purpose tools, such as vehicle diagnostic scanners,
repair manuals, and platform lifts, to diagnose and repair problems. The repair
process can involve extensive conversations, research, and interaction with part
suppliers.
- **Customer Interaction (User-to-Agent using A2A)**: A customer (or their
primary assistant agent) uses A2A to communicate with the "Shop Manager"
agent.
For example, the customer might say, "My car is making a rattling noise".
- **Multi-turn Diagnostic Conversation (Agent-to-Agent using A2A)**: The Shop
Manager agent uses A2A for a multi-turn diagnostic conversation.
For example, the Manager might ask, "Can you send a video of the noise?" or "I see some fluid leaking. How long has this been happening?".
- **Internal Tool Usage (Agent-to-Tool using MCP)**: The Mechanic agent,
assigned the task by the Shop Manager, needs to diagnose the issue. The
Mechanic agent uses MCP to interact with its specialized tools.
For example:
- MCP call to a "Vehicle Diagnostic Scanner" tool:
`scan_vehicle_for_error_codes(vehicle_id='XYZ123')`
- MCP call to a "Repair Manual Database" tool:
`get_repair_procedure(error_code='P0300', vehicle_make='Toyota',
vehicle_model='Camry')`
- MCP call to a "Platform Lift" tool: `raise_platform(height_meters=2)`
- **Supplier Interaction (Agent-to-Agent using A2A)**: The Mechanic agent
determines that a specific part is needed. The Mechanic agent uses A2A to
communicate with a "Parts Supplier" agent to order a part.
For example, the
Mechanic agent might ask, "Do you have part #12345 in stock for a Toyota Camry 2018?"
- **Order processing (Agent-to-Agent using A2A)**: The Parts Supplier agent,
which is also an A2A-compliant system, responds, potentially leading to an
order.
In this example:
- A2A facilitates the higher-level, conversational, and task-oriented
interactions between the customer and the shop, and between the shop's
agents and external supplier agents.
- MCP enables the mechanic agent to use its specific, structured tools to
perform its diagnostic and repair functions.
An A2A server could expose some of its skills as MCP-compatible resources.
However, A2A's primary strength lies in its support for more flexible, stateful,
and collaborative interactions. These interactions go beyond a typical tool
invocation. A2A focuses on agents partnering on tasks, whereas MCP focuses on
agents using capabilities.
## Representing A2A Agents as MCP Resources
An A2A Server (a remote agent) could expose some of its skills as MCP-compatible resources, especially if those skills are well-defined and can be invoked in a more tool-like, stateless manner. In such a case, another agent might "discover" this A2A agent's specific skill through an MCP-style tool description (perhaps derived from its Agent Card).
However, the primary strength of A2A lies in its support for more flexible, stateful, and collaborative interactions that go beyond typical tool invocation. A2A is about agents _partnering_ on tasks, while MCP is more about agents _using_ capabilities.
By leveraging both A2A for inter-agent collaboration and MCP for tool integration, developers can build more powerful, flexible, and interoperable AI systems.
================================================
FILE: docs/topics/agent-discovery.md
================================================
# Agent Discovery in A2A
To collaborate using the Agent2Agent (A2A) protocol, AI agents need to first find each other and understand their capabilities. A2A standardizes agent self-descriptions through the **[Agent Card](../specification.md#5-agent-discovery-the-agent-card)**. However, discovery methods for these Agent Cards vary by environment and requirements. The Agent Card defines what an agent offers. Various strategies exist for a client agent to discover these cards. The choice of strategy depends on the deployment environment and security requirements.
## The Role of the Agent Card
The Agent Card is a JSON document that serves as a digital "business card" for an A2A Server (the remote agent). It is crucial for agent discovery and interaction. The key information included in an Agent Card is as follows:
- **Identity:** Includes `name`, `description`, and `provider` information.
- **Service Endpoint:** Specifies the `url` for the A2A service.
- **A2A Capabilities:** Lists supported features such as `streaming` or `pushNotifications`.
- **Authentication:** Details the required `schemes` (e.g., "Bearer", "OAuth2").
- **Skills:** Describes the agent's tasks using `AgentSkill` objects, including `id`, `name`, `description`, `inputModes`, `outputModes`, and `examples`.
Client agents use the Agent Card to determine an agent's suitability, structure requests, and ensure secure communication.
## Discovery Strategies
The following sections detail common strategies used by client agents to discover remote Agent Cards:
### 1. Well-Known URI
This approach is recommended for public agents or agents intended for broad discovery within a specific domain.
- **Mechanism:** A2A Servers make their Agent Card discoverable by hosting it at a standardized, `well-known` URI on their domain. The standard path is `https://{agent-server-domain}/.well-known/agent-card.json`, following the principles of [RFC 8615](https://datatracker.ietf.org/doc/html/rfc8615).
- **Process:**
1. A client agent knows or programmatically discovers the domain of a potential A2A Server (e.g., `smart-thermostat.example.com`).
2. The client performs an HTTP GET request to `https://smart-thermostat.example.com/.well-known/agent-card.json`.
3. If the Agent Card exists and is accessible, the server returns it as a JSON response.
- **Advantages:**
- Ease of implementation
- Adheres to standards
- Facilitates automated discovery
- **Considerations:**
- Best suited for open or domain-controlled discovery scenarios.
- Authentication is necessary at the endpoint serving the Agent Card if it contains sensitive details.
### 2. Curated Registries (Catalog-Based Discovery)
This approach is employed in enterprise environments or public marketplaces, where Agent Cards are often managed by a central registry. The curated registry acts as a central repository, allowing clients to query and discover agents based on criteria like "skills" or "tags".
- **Mechanism:** An intermediary service (the registry) maintains a collection of Agent Cards. Clients query this registry to find agents based on various criteria (e.g., skills offered, tags, provider name, capabilities).
- **Process:**
1. A2A Servers publish their Agent Cards to the registry.
2. Client agents query the registry's API, and search by criteria such as "specific skills".
3. The registry returns matching Agent Cards or references.
- **Advantages:**
- Centralized management and governance.
- Capability-based discovery (e.g., by skill).
- Support for access controls and trust frameworks.
- Applicable in both private and public marketplaces.
- **Considerations:**
- Requires deployment and maintenance of a registry service.
- The current A2A specification does not prescribe a standard API for curated registries.
### 3. Direct Configuration / Private Discovery
This approach is used for tightly coupled systems, private agents, or development purposes, where clients are directly configured with Agent Card information or URLs.
- **Mechanism:** Client applications utilize hardcoded details, configuration files, environment variables, or proprietary APIs for discovery.
- **Process:** The process is specific to the application's deployment and configuration strategy.
- **Advantages:** This method is straightforward for establishing connections within known, static relationships.
- **Considerations:**
- Inflexible for dynamic discovery scenarios.
- Changes to Agent Card information necessitate client reconfiguration.
- Proprietary API-based discovery also lacks standardization.
## Securing Agent Cards
Agent Cards include sensitive information, such as:
- URLs for internal or restricted agents.
- Descriptions of sensitive skills.
### Protection Mechanisms
To mitigate risks, the following protection mechanisms should be considered:
- **Authenticated Agent Cards:** We recommend the use of [authenticated extended agent cards](../specification.md#3111-get-extended-agent-card) for sensitive information or for serving a more detailed version of the card.
- **Secure Endpoints:** Implement access controls on the HTTP endpoint serving the Agent Card (e.g., `/.well-known/agent-card.json` or registry API). The methods include:
- Mutual TLS (mTLS)
- Network restrictions (e.g., IP ranges)
- HTTP Authentication (e.g., OAuth 2.0)
- **Registry Selective Disclosure:** Registries return different Agent Cards based on the client's identity and permissions.
Any Agent Card containing sensitive data must be protected with authentication and authorization mechanisms. The A2A specification strongly recommends the use of out-of-band dynamic credentials rather than embedding static secrets within the Agent Card.
## Caching Considerations
Agent Cards describe an agent's capabilities and typically change infrequently — for example, when skills are added or authentication requirements are updated. Applying standard HTTP caching practices to Agent Card endpoints reduces unnecessary network requests while ensuring clients eventually receive updated information.
### Server Guidance
Servers hosting Agent Card endpoints should include HTTP caching headers in their responses. The `Cache-Control` header with an appropriate `max-age` directive allows clients and intermediaries to cache the card for a specified duration. Including an `ETag` header — derived from the card's `version` field or a content hash — enables clients to make conditional requests and avoid re-downloading unchanged cards.
### Client Guidance
Clients fetching Agent Cards should honor standard HTTP caching semantics. When a cached card expires, clients should use conditional requests (for example, `If-None-Match` with the stored `ETag` or `If-Modified-Since`) rather than unconditionally re-fetching the full card. When the server does not provide caching headers, clients may apply a reasonable default cache duration.
For Extended Agent Cards, clients should also follow the session-scoped caching guidance described in the [specification](../specification.md#133-extended-agent-card-access-control).
For normative requirements, see [Section 8.6](../specification.md#86-caching) of the specification.
## Future Considerations
The A2A community explores standardizing registry interactions or advanced discovery protocols.
================================================
FILE: docs/topics/enterprise-ready.md
================================================
# Enterprise Implementation of A2A
The Agent2Agent (A2A) protocol is designed with enterprise requirements at its
core. Rather than inventing new, proprietary standards for security and
operations, A2A aims to integrate seamlessly with existing enterprise
infrastructure and widely adopted best practices. This approach allows
organizations to use their existing investments and expertise in security,
monitoring, governance, and identity management.
A key principle of A2A is that agents are typically **opaque** because they don't
share internal memory, tools, or direct resource access with each other. This
opacity naturally aligns with standard client-server security paradigms,
treating remote agents as standard HTTP-based enterprise applications.
## Transport Level Security (TLS)
Ensuring the confidentiality and integrity of data in transit is fundamental for
any enterprise application.
- **HTTPS Mandate**: All A2A communication in production environments must
occur over `HTTPS`.
- **Modern TLS Standards**: Implementations should use modern TLS versions.
TLS 1.2 or higher is recommended. Strong, industry-standard cipher suites
should be used to protect data from eavesdropping and tampering.
- **Server Identity Verification**: A2A clients should verify the A2A server's
identity by validating its TLS certificate against trusted certificate
authorities during the TLS handshake. This prevents man-in-the-middle
attacks.
## Authentication
A2A delegates authentication to standard web mechanisms. It primarily relies on
HTTP headers and established standards like OAuth2 and OpenID Connect.
Authentication requirements are advertised by the A2A server in its Agent Card.
- **No Identity in Payload**: A2A protocol payloads, such as `JSON-RPC`
messages, don't carry user or client identity information directly. Identity
is established at the transport/HTTP layer.
- **Agent Card Declaration**: The A2A server's Agent Card describes the
authentication schemes it supports in its `security` field and aligns with
those defined in the OpenAPI Specification for authentication.
- **Out-of-Band Credential Acquisition**: The A2A Client obtains the necessary credentials,
such as OAuth 2.0 tokens or API keys, through processes external to the A2A protocol itself. Examples include OAuth flows or secure key distribution.
- **HTTP Header Transmission**: Credentials **must** be transmitted in standard
HTTP headers as per the requirements of the chosen authentication scheme.
Examples include `Authorization: Bearer **To make use of this agent in a multi-language, multi-agent system, check out the [weather_and_airbnb_planner sample](https://github.com/a2aproject/a2a-samples/tree/main/samples/python/hosts/weather_and_airbnb_planner).** | Easy [Content Writer Agent](https://github.com/a2aproject/a2a-samples/tree/main/samples/java/agents/content_writer) | Build a content writer agent that generates engaging pieces of content from outlines.
**To make use of this agent in a content creation multi-language, multi-agent system, check out the [content_creation sample](https://github.com/a2aproject/a2a-samples/tree/main/samples/python/hosts/content_creation).** | Easy [Content Editor Agent](https://github.com/a2aproject/a2a-samples/tree/main/samples/java/agents/content_editor) | Build a content editor agent that proof-reads and polishes content.
**To make use of this agent in a content creation multi-language, multi-agent system, check out the [content_creation sample](https://github.com/a2aproject/a2a-samples/tree/main/samples/python/hosts/content_creation).** | Easy [Dice Agent (Multi-Transport)](https://github.com/a2aproject/a2a-samples/tree/main/samples/java/agents/dice_agent_multi_transport) | Build a multi-transport agent that rolls dice and checks for prime numbers. | Medium [Magic 8 Ball Agent (Security)](https://github.com/a2aproject/a2a-samples/tree/main/samples/java/agents/magic_8_ball_security) | Build a Magic 8 Ball agent to learn how to secure A2A servers with Keycloak using bearer token authentication and configure an A2A client to obtain and pass the required token. | Medium ## JavaScript Tutorial | Description :--------|:------------ [Movie research agent using JavaScript](https://github.com/a2aproject/a2a-samples/tree/main/samples/js) | Build an A2A agent with Node.js that uses the TMDB (The Movie Database) API to handle movie searches and queries. ## C#/.NET Tutorial | Description :--------|:------------ [All .NET samples](https://github.com/a2aproject/a2a-dotnet/tree/main/samples) | Repository of foundational samples showing how to build A2A clients and servers, including an Echo Agent, using the C#/.NET SDK. ================================================ FILE: docs/tutorials/python/1-introduction.md ================================================ # Python Quickstart Tutorial: Building an A2A Agent Welcome to the Agent2Agent (A2A) Python Quickstart Tutorial! In this tutorial, you will explore a simple "echo" A2A server using the Python SDK. This will introduce you to the fundamental concepts and components of an A2A server. You will then look at a more advanced example that integrates a Large Language Model (LLM). This hands-on guide will help you understand: - The basic concepts behind the A2A protocol. - How to set up a Python environment for A2A development using the SDK. - How Agent Skills and Agent Cards describe an agent. - How an A2A server handles tasks. - How to interact with an A2A server using a client. - How streaming capabilities and multi-turn interactions work. - How an LLM can be integrated into an A2A agent. By the end of this tutorial, you will have a functional understanding of A2A agents and a solid foundation for building or integrating A2A-compliant applications. ## Tutorial Sections The tutorial is broken down into the following steps: 1. **[Introduction (This Page)](./1-introduction.md)** 2. **[Setup](./2-setup.md)**: Prepare your Python environment and the A2A SDK. 3. **[Agent Skills & Agent Card](./3-agent-skills-and-card.md)**: Define what your agent can do and how it describes itself. 4. **[The Agent Executor](./4-agent-executor.md)**: Understand how the agent logic is implemented. 5. **[Starting the Server](./5-start-server.md)**: Run the Helloworld A2A server. 6. **[Interacting with the Server](./6-interact-with-server.md)**: Send requests to your agent. 7. **[Streaming & Multi-Turn Interactions](./7-streaming-and-multiturn.md)**: Explore advanced capabilities with the LangGraph example. 8. **[Next Steps](./8-next-steps.md)**: Explore further possibilities with A2A. Let's get started! ================================================ FILE: docs/tutorials/python/2-setup.md ================================================ # 2. Setup Your Environment ## Prerequisites - Python 3.10 or higher. - Access to a terminal or command prompt. - Git, for cloning the repository. - A code editor (e.g., Visual Studio Code) is recommended. ## Clone the Repository If you haven't already, clone the A2A Samples repository: ```bash git clone https://github.com/a2aproject/a2a-samples.git -b main --depth 1 cd a2a-samples ``` ## Python Environment & SDK Installation We recommend using a virtual environment for Python projects. The A2A Python SDK uses `uv` for dependency management, but you can use `pip` with `venv` as well. 1. **Create and activate a virtual environment:** Using `venv` (standard library): === "Mac/Linux" ```sh python -m venv .venv source .venv/bin/activate ``` === "Windows" ```powershell python -m venv .venv .venv\Scripts\activate ``` 2. **Install needed Python dependencies along with the A2A SDK and its dependencies:** ```bash pip install -r samples/python/requirements.txt ``` ## Verify Installation After installation, you should be able to import the `a2a` package in a Python interpreter: ```bash python -c "import a2a; print('A2A SDK imported successfully')" ``` If this command runs without error and prints the success message, your environment is set up correctly. ================================================ FILE: docs/tutorials/python/3-agent-skills-and-card.md ================================================ # 3. Agent Skills & Agent Card Before an A2A agent can do anything, it needs to define what it _can_ do (its skills) and how other agents or clients can find out about these capabilities (its Agent Card). We'll use the `helloworld` example located in [`a2a-samples/samples/python/agents/helloworld/`](https://github.com/a2aproject/a2a-samples/tree/main/samples/python/agents/helloworld). ## Agent Skills An **Agent Skill** describes a specific capability or function the agent can perform. It's a building block that tells clients what kinds of tasks the agent is good for. Key attributes of an `AgentSkill` (defined in `a2a.types`): - `id`: A unique identifier for the skill. - `name`: A human-readable name. - `description`: A more detailed explanation of what the skill does. - `tags`: Keywords for categorization and discovery. - `examples`: Sample prompts or use cases. - `inputModes` / `outputModes`: Supported Media Types for input and output (e.g., "text/plain", "application/json"). In `__main__.py`, you can see how a skill for the Helloworld agent is defined: ```python { .no-copy } --8<-- "https://raw.githubusercontent.com/a2aproject/a2a-samples/refs/heads/main/samples/python/agents/helloworld/__main__.py:AgentSkill" ``` This skill is very simple: it's named "Returns hello world" and primarily deals with text. ## Agent Card The **Agent Card** is a JSON document that an A2A Server makes available, typically at a `.well-known/agent-card.json` endpoint. It's like a digital business card for the agent. Key attributes of an `AgentCard` (defined in `a2a.types`): - `name`, `description`, `version`: Basic identity information. - `url`: The endpoint where the A2A service can be reached. - `capabilities`: Specifies supported A2A features like `streaming` or `pushNotifications`. - `defaultInputModes` / `defaultOutputModes`: Default Media Types for the agent. - `skills`: A list of `AgentSkill` objects that the agent offers. The `helloworld` example defines its Agent Card like this: ```python { .no-copy } --8<-- "https://raw.githubusercontent.com/a2aproject/a2a-samples/refs/heads/main/samples/python/agents/helloworld/__main__.py:AgentCard" ``` This card tells us the agent is named "Hello World Agent", runs at `http://localhost:9999/`, supports text interactions, and has the `hello_world` skill. It also indicates public authentication, meaning no specific credentials are required. Understanding the Agent Card is crucial because it's how a client discovers an agent and learns how to interact with it. ================================================ FILE: docs/tutorials/python/4-agent-executor.md ================================================ # 4. The Agent Executor The core logic of how an A2A agent processes requests and generates responses/events is handled by an **Agent Executor**. The A2A Python SDK provides an abstract base class `a2a.server.agent_execution.AgentExecutor` that you implement. ## `AgentExecutor` Interface The `AgentExecutor` class defines two primary methods: - `async def execute(self, context: RequestContext, event_queue: EventQueue)`: Handles incoming requests that expect a response or a stream of events. It processes the user's input (available via `context`) and uses the `event_queue` to send back `Message`, `Task`, `TaskStatusUpdateEvent`, or `TaskArtifactUpdateEvent` objects. - `async def cancel(self, context: RequestContext, event_queue: EventQueue)`: Handles requests to cancel an ongoing task. The `RequestContext` provides information about the incoming request, such as the user's message and any existing task details. The `EventQueue` is used by the executor to send events back to the client. ## Helloworld Agent Executor Let's look at `agent_executor.py`. It defines `HelloWorldAgentExecutor`. 1. **The Agent (`HelloWorldAgent`)**: This is a simple helper class that encapsulates the actual "business logic". ```python { .no-copy } --8<-- "https://raw.githubusercontent.com/a2aproject/a2a-samples/refs/heads/main/samples/python/agents/helloworld/agent_executor.py:HelloWorldAgent" ``` It has a simple `invoke` method that returns the string "Hello World". 2. **The Executor (`HelloWorldAgentExecutor`)**: This class implements the `AgentExecutor` interface. - **`__init__`**: ```python { .no-copy } --8<-- "https://raw.githubusercontent.com/a2aproject/a2a-samples/refs/heads/main/samples/python/agents/helloworld/agent_executor.py:HelloWorldAgentExecutor_init" ``` It instantiates the `HelloWorldAgent`. - **`execute`**: ```python { .no-copy } --8<-- "https://raw.githubusercontent.com/a2aproject/a2a-samples/refs/heads/main/samples/python/agents/helloworld/agent_executor.py:HelloWorldAgentExecutor_execute" ``` When a `message/send` or `message/stream` request comes in (both are handled by `execute` in this simplified executor): 1. It calls `self.agent.invoke()` to get the "Hello World" string. 2. It creates an A2A `Message` object using the `new_agent_text_message` utility function. 3. It enqueues this message onto the `event_queue`. The underlying `DefaultRequestHandler` will then process this queue to send the response(s) to the client. For a single message like this, it will result in a single response for `message/send` or a single event for `message/stream` before the stream closes. - **`cancel`**: The Hello World example's `cancel` method simply raises an exception, indicating that cancellation is not supported for this basic agent. ```python { .no-copy } --8<-- "https://raw.githubusercontent.com/a2aproject/a2a-samples/refs/heads/main/samples/python/agents/helloworld/agent_executor.py:HelloWorldAgentExecutor_cancel" ``` The `AgentExecutor` acts as the bridge between the A2A protocol (managed by the request handler and server application) and your agent's specific logic. It receives context about the request and uses an event queue to communicate results or updates back. ================================================ FILE: docs/tutorials/python/5-start-server.md ================================================ # 5. Starting the Server Now that we have an Agent Card and an Agent Executor, we can set up and start the A2A server. The A2A Python SDK provides an `A2AStarletteApplication` class that simplifies running an A2A-compliant HTTP server. It uses [Starlette](https://www.starlette.io/) for the web framework and is typically run with an ASGI server like [Uvicorn](https://www.uvicorn.org/). ## Server Setup in Helloworld Let's look at `__main__.py` again to see how the server is initialized and started. ```python { .no-copy } --8<-- "https://raw.githubusercontent.com/a2aproject/a2a-samples/refs/heads/main/samples/python/agents/helloworld/__main__.py" ``` Let's break this down: 1. **`DefaultRequestHandler`**: - The SDK provides `DefaultRequestHandler`. This handler takes your `AgentExecutor` implementation (here, `HelloWorldAgentExecutor`) and a `TaskStore` (here, `InMemoryTaskStore`). - It routes incoming A2A RPC calls to the appropriate methods on your executor (like `execute` or `cancel`). - The `TaskStore` is used by the `DefaultRequestHandler` to manage the lifecycle of tasks, especially for stateful interactions, streaming, and resubscription. Even if your agent executor is simple, the handler needs a task store. 2. **`A2AStarletteApplication`**: - The `A2AStarletteApplication` class is instantiated with the `agent_card` and the `request_handler` (referred to as `http_handler` in its constructor). - The `agent_card` is crucial because the server will expose it at the `/.well-known/agent-card.json` endpoint (by default). - The `request_handler` is responsible for processing all incoming A2A method calls by interacting with your `AgentExecutor`. 3. **`uvicorn.run(server_app_builder.build(), ...)`**: - The `A2AStarletteApplication` has a `build()` method that constructs the actual Starlette application. - This application is then run using `uvicorn.run()`, making your agent accessible over HTTP. - `host='0.0.0.0'` makes the server accessible on all network interfaces on your machine. - `port=9999` specifies the port to listen on. This matches the `url` in the `AgentCard`. ## Running the Helloworld Server Navigate to the `a2a-samples` directory in your terminal (if you're not already there) and ensure your virtual environment is activated. To run the Helloworld server: ```bash # from the a2a-samples directory python samples/python/agents/helloworld/__main__.py ``` You should see output similar to this, indicating the server is running: ```console { .no-copy } INFO: Started server process [xxxxx] INFO: Waiting for application startup. INFO: Application startup complete. INFO: Uvicorn running on http://0.0.0.0:9999 (Press CTRL+C to quit) ``` Your A2A Helloworld agent is now live and listening for requests! In the next step, we'll interact with it. ================================================ FILE: docs/tutorials/python/6-interact-with-server.md ================================================ # 6. Interacting with the Server With the Helloworld A2A server running, let's send some requests to it. The SDK includes a client (`A2AClient`) that simplifies these interactions. ## The Helloworld Test Client The `test_client.py` script demonstrates how to: 1. Fetch the Agent Card from the server. 2. Create an `A2AClient` instance. 3. Send both non-streaming (`message/send`) and streaming (`message/stream`) requests. Open a **new terminal window**, activate your virtual environment, and navigate to the `a2a-samples` directory. Activate virtual environment (Be sure to do this in the same directory where you created the virtual environment): === "Mac/Linux" ```sh source .venv/bin/activate ``` === "Windows" ```powershell .venv\Scripts\activate ``` Run the test client: ```bash # from the a2a-samples directory python samples/python/agents/helloworld/test_client.py ``` ## Understanding the Client Code Let's look at key parts of `test_client.py`: 1. **Fetching the Agent Card & Initializing the Client**: ```python { .no-copy } --8<-- "https://raw.githubusercontent.com/a2aproject/a2a-samples/refs/heads/main/samples/python/agents/helloworld/test_client.py:A2ACardResolver" ``` The `A2ACardResolver` class is a convenience. It first fetches the `AgentCard` from the server's `/.well-known/agent-card.json` endpoint (based on the provided base URL) and then initializes the client with it. 2. **Sending a Non-Streaming Message (`send_message`)**: ```python { .no-copy } --8<-- "https://raw.githubusercontent.com/a2aproject/a2a-samples/refs/heads/main/samples/python/agents/helloworld/test_client.py:send_message" ``` - The `send_message_payload` constructs the data for `MessageSendParams`. - This is wrapped in a `SendMessageRequest`. - It includes a `message` object with the `role` set to "user" and the content in `parts`. - The Helloworld agent's `execute` method will enqueue a single "Hello World" message. The `DefaultRequestHandler` will retrieve this and send it as the response. - The `response` will be a `SendMessageResponse` object, which contains either a `SendMessageSuccessResponse` (with the agent's `Message` as the result) or a `JSONRPCErrorResponse`. 3. **Handling Task IDs (Illustrative Note for Helloworld)**: The Helloworld client (`test_client.py`) doesn't attempt `get_task` or `cancel_task` directly because the simple Helloworld agent's `execute` method, when called via `message/send`, results in the `DefaultRequestHandler` returning a direct `Message` response rather than a `Task` object. More complex agents that explicitly manage tasks (like the LangGraph example) would return a `Task` object from `message/send`, and its `id` could then be used for `get_task` or `cancel_task`. 4. **Sending a Streaming Message (`send_message_streaming`)**: ```python { .no-copy } --8<-- "https://raw.githubusercontent.com/a2aproject/a2a-samples/refs/heads/main/samples/python/agents/helloworld/test_client.py:send_message_streaming" ``` - This method calls the agent's `message/stream` endpoint. The `DefaultRequestHandler` will invoke the `HelloWorldAgentExecutor.execute` method. - The `execute` method enqueues one "Hello World" message, and then the event queue is closed. - The client will receive this single message as one `SendStreamingMessageResponse` event, and then the stream will terminate. - The `stream_response` is an `AsyncGenerator`. ## Expected Output When you run `test_client.py`, you'll see JSON outputs for: - The non-streaming response (a single "Hello World" message). - The streaming response (a single "Hello World" message as one chunk, after which the stream ends). The `id` fields in the output will vary with each run. ```console { .no-copy } // Non-streaming response {"jsonrpc":"2.0","id":"xxxxxxxx","result":{"message":{"role":"ROLE_AGENT","parts":[{"text":"Hello World"}],"messageId":"yyyyyyyy"}}} // Streaming response (one chunk) {"jsonrpc":"2.0","id":"zzzzzzzz","result":{"message":{"role":"ROLE_AGENT","parts":[{"text":"Hello World"}],"messageId":"wwwwwwww"}}} ``` _(Actual IDs like `xxxxxxxx`, `yyyyyyyy`, `zzzzzzzz`, `wwwwwwww` will be different UUIDs/request IDs)_ This confirms your server is correctly handling basic A2A interactions with the updated SDK structure! Now you can shut down the server by typing Ctrl+C in the terminal window where `__main__.py` is running. ================================================ FILE: docs/tutorials/python/7-streaming-and-multiturn.md ================================================ # 7. Streaming & Multi-Turn Interactions (LangGraph Example) The Hello World example demonstrates the basic mechanics of A2A. For more advanced features like robust streaming, task state management, and multi-turn conversations powered by an LLM, we'll turn to the LangGraph example located in [`a2a-samples/samples/python/agents/langgraph/`](https://github.com/a2aproject/a2a-samples/tree/main/samples/python/agents/langgraph). This example features a "Currency Agent" that uses the Gemini model via LangChain and LangGraph to answer currency conversion questions. ## Setting up the LangGraph Example 1. Create a [Gemini API Key](https://ai.google.dev/gemini-api/docs/api-key), if you don't already have one. 2. **Environment Variable:** Create a `.env` file in the `a2a-samples/samples/python/agents/langgraph/` directory: ```bash echo "GOOGLE_API_KEY=YOUR_API_KEY_HERE" > .env ``` Replace `YOUR_API_KEY_HERE` with your actual Gemini API key. 3. **Install Dependencies (if not already covered):** The `langgraph` example has its own `pyproject.toml` which includes dependencies like `langchain-google-genai` and `langgraph`. When you installed the SDK from the `a2a-samples` root using `pip install -e .[dev]`, this should have also installed the dependencies for the workspace examples, including `langgraph-example`. If you encounter import errors, ensure your primary SDK installation from the root directory was successful. ## Running the LangGraph Server Navigate to the `a2a-samples/samples/python/agents/langgraph/app` directory in your terminal and ensure your virtual environment (from the SDK root) is activated. Start the LangGraph agent server: ```bash python __main__.py ``` This will start the server, usually on `http://localhost:10000`. ## Interacting with the LangGraph Agent Open a **new terminal window**, activate your virtual environment, and navigate to `a2a-samples/samples/python/agents/langgraph/app`. Run its test client: ```bash python test_client.py ``` Now, you can shut down the server by typing Ctrl+C in the terminal window where `__main__.py` is running. ## Key Features Demonstrated The `langgraph` example showcases several important A2A concepts: 1. **LLM Integration**: - `agent.py` defines `CurrencyAgent`. It uses `ChatGoogleGenerativeAI` and LangGraph's `create_react_agent` to process user queries. - This demonstrates how a real LLM can power the agent's logic. 2. **Task State Management**: - `samples/langgraph/__main__.py` initializes a `DefaultRequestHandler` with an `InMemoryTaskStore`. ```python { .no-copy } --8<-- "https://raw.githubusercontent.com/a2aproject/a2a-samples/refs/heads/main/samples/python/agents/langgraph/app/__main__.py:DefaultRequestHandler" ``` - The `CurrencyAgentExecutor` (in `samples/langgraph/agent_executor.py`), when its `execute` method is called by the `DefaultRequestHandler`, interacts with the `RequestContext` which contains the current task (if any). - For `message/send`, the `DefaultRequestHandler` uses the `TaskStore` to persist and retrieve task state across interactions. The response to `message/send` will be a full `Task` object if the agent's execution flow involves multiple steps or results in a persistent task. - The `test_client.py`'s `run_single_turn_test` demonstrates getting a `Task` object back and then querying it using `get_task`. 3. **Streaming with `TaskStatusUpdateEvent` and `TaskArtifactUpdateEvent`**: - The `execute` method in `CurrencyAgentExecutor` is responsible for handling both non-streaming and streaming requests, orchestrated by the `DefaultRequestHandler`. - As the LangGraph agent processes the request (which might involve calling tools like `get_exchange_rate`), the `CurrencyAgentExecutor` enqueues different types of events onto the `EventQueue`: - `TaskStatusUpdateEvent`: For intermediate updates (e.g., "Looking up exchange rates...", "Processing the exchange rates.."). - `TaskArtifactUpdateEvent`: When the final answer is ready, it's enqueued as an artifact. The `lastChunk` flag is `True`. - A final `TaskStatusUpdateEvent` with `state=TaskState.completed` is sent to signify the end of the task, closing the stream. - The `test_client.py`'s `run_streaming_test` function will print these individual event chunks as they are received from the server. 4. **Multi-Turn Conversation (`TaskState.input_required`)**: - The `CurrencyAgent` can ask for clarification if a query is ambiguous (e.g., user asks "how much is 100 USD?"). - When this happens, the `CurrencyAgentExecutor` will enqueue a `TaskStatusUpdateEvent` where `status.state` is `TaskState.input_required` and `status.message` contains the agent's question (e.g., "To which currency would you like to convert?"). The stream closes after this event. - The `test_client.py`'s `run_multi_turn_test` function demonstrates this: - It sends an initial ambiguous query. - The agent responds (via the `DefaultRequestHandler` processing the enqueued events) with a `Task` whose status is `input_required`. - The client then sends a second message, including the `taskId` and `contextId` from the first turn's `Task` response, to provide the missing information ("in GBP"). This continues the same task. ## Exploring the Code Take some time to look through these files: - `__main__.py`: Server setup using `A2AStarletteApplication` and `DefaultRequestHandler`. Note the `AgentCard` definition includes `capabilities.streaming=True`. - `agent.py`: The `CurrencyAgent` with LangGraph, LLM model, and tool definitions. - `agent_executor.py`: The `CurrencyAgentExecutor` implementing the `execute` (and `cancel`) method. It uses the `RequestContext` to understand the ongoing task and the `EventQueue` to send back various events (`TaskStatusUpdateEvent`, `TaskArtifactUpdateEvent`, new `Task` object implicitly via the first event if no task exists). - `test_client.py`: Demonstrates various interaction patterns, including retrieving task IDs and using them for multi-turn conversations. This example provides a much richer illustration of how A2A facilitates complex, stateful, and asynchronous interactions between agents. ================================================ FILE: docs/tutorials/python/8-next-steps.md ================================================ # Next Steps Congratulations on completing the A2A Python SDK Tutorial! You've learned how to: - Set up your environment for A2A development. - Define Agent Skills and Agent Cards using the SDK's types. - Implement a basic HelloWorld A2A server and client. - Understand and implement streaming capabilities. - Integrate a more complex agent using LangGraph, demonstrating task state management and tool use. You now have a solid foundation for building and integrating your own A2A-compliant agents. ## Where to Go From Here? Here are some ideas and resources to continue your A2A journey: - **Explore Other Examples:** - Check out the other examples in the [a2a-samples GitHub repository](https://github.com/a2aproject/a2a-samples/tree/main/samples) for more complex agent integrations and features. - **Deepen Your Protocol Understanding:** - 📚 Read the complete [A2A Protocol Documentation site](https://a2a-protocol.org) for a comprehensive overview. - 📝 Review the detailed [A2A Protocol Specification](../../specification.md) to understand the nuances of all data structures and RPC methods. - **Review Key A2A Topics:** - [A2A and MCP](../../topics/a2a-and-mcp.md): Understand how A2A complements the Model Context Protocol for tool usage. - [Enterprise-Ready Features](../../topics/enterprise-ready.md): Learn about security, observability, and other enterprise considerations. - [Streaming & Asynchronous Operations](../../topics/streaming-and-async.md): Get more details on SSE and push notifications. - [Agent Discovery](../../topics/agent-discovery.md): Explore different ways agents can find each other. - **Build Your Own Agent:** - Try creating a new A2A agent using your favorite Python agent framework (like LangChain, CrewAI, AutoGen, Semantic Kernel, or a custom solution). - Implement the `a2a.server.AgentExecutor` interface to bridge your agent's logic with the A2A protocol. - Think about what unique skills your agent could offer and how its Agent Card would represent them. - **Experiment with Advanced Features:** - Implement robust task management with a persistent `TaskStore` if your agent handles long-running or multi-session tasks. - Explore implementing push notifications if your agent's tasks are very long-lived. - Consider more complex input and output modalities (e.g., handling file uploads/downloads via file Parts, or structured data via data Parts). - **Contribute to the A2A Community:** - Join the discussions on the [A2A GitHub Discussions page](https://github.com/a2aproject/A2A/discussions). - Report issues or suggest improvements via [GitHub Issues](https://github.com/a2aproject/A2A/issues). - Consider contributing code, examples, or documentation. See the [CONTRIBUTING.md](https://github.com/a2aproject/A2A/blob/main/CONTRIBUTING.md) guide. The A2A protocol aims to foster an ecosystem of interoperable AI agents. By building and sharing A2A-compliant agents, you can be a part of this exciting development! ================================================ FILE: docs/whats-new-v1.md ================================================ # What's New in A2A Protocol v1.0 This document provides a comprehensive overview of changes from A2A Protocol v0.3.0 to v1.0. The v1.0 release represents a significant maturation of the protocol with enhanced clarity, stronger specifications, and important structural improvements. ## Overview of Major Themes The v1.0 release focuses on four major themes: ### 1. **Protocol Maturity and Standardization** - Elevate a2a.proto from being a gRPC-specific implementation file to the universal, normative source of truth - Leverage formal specification standards (RFC 8785, RFC 7515) and google.rpc.Status where possible - Stricter adherence to industry-standard patterns for REST, gRPC, and JSON-RPC bindings - Enhanced versioning strategy with explicit backward compatibility rules - Comprehensive error taxonomy with protocol-specific mappings ### 2. **Enhanced Type Safety and Clarity** - Removal of discriminator `kind` fields in favor of JSON member-based polymorphism - **Breaking:** Enum values changed from `kebab-case` to `SCREAMING_SNAKE_CASE` for compliance with the ProtoJSON specification - Stricter field naming conventions (`camelCase` for JSON) - More precise timestamp specifications (ISO 8601 with millisecond precision) - Better-defined data types with clearer Optional vs Required semantics ### 3. **Improved Developer Experience** - Renamed operations for consistency and clarity - Reorganized Agent Card structure for better logical grouping - Enhanced extension mechanism with versioning and requirement declarations - More explicit service parameter handling (A2A-Version, A2A-Extensions headers) - **Simplified ID format** - Removed complex compound IDs (e.g., `tasks/{id}`) in favor of simple UUIDs - **Protocol versioning per interface** - Each AgentInterface specifies its own protocol version for better backward compatibility - **Multi-tenancy support** - Native tenant scoping in gRPC requests ### 4. **Enterprise-Ready Features** - Agent Card signature verification using JWS and JSON Canonicalization - Formal specification of all three protocol bindings with equivalence guarantees - Enhanced security scheme declarations with mutual TLS support - **Modern OAuth 2.0 flows** - Added Device Code flow (RFC 8628), removed deprecated implicit/password flows - **PKCE support** - Added `pkce_required` field to Authorization Code flow for enhanced security - Cursor-based pagination for scalable task listing --- ## Behavioral Changes for Core Operations ### Send Message (`message/send` → **`SendMessage`**) **v0.3.0 Behavior:** - Operation named `message/send` - Less formal specification of when `Task` vs `Message` is returned **v1.0 Changes:** - **✅ RENAMED:** Operation now **`SendMessage`** - **✅ CLARIFIED:** More precise specification of Task vs Message return semantics ### Send Streaming Message (`message/stream` → **SendStreamingMessage**) **v0.3.0 Behavior:** - Operation named `message/stream` - Stream events had `kind` discriminator field **v1.0 Changes:** - **✅ RENAMED:** Operation now **`SendStreamingMessage`** - **✅ BREAKING:** Stream events no longer have `kind` field - Use JSON member names to discriminate between `TaskStatusUpdateEvent` and `TaskArtifactUpdateEvent` - **✅ REMOVED:** `final` boolean field removed from TaskStatusUpdateEvent. Leverage protocol binding specific stream closure mechanism instead. - **✅ CLARIFIED:** Multiple concurrent streams allowed; all receive same ordered events ### Get Task (`tasks/get` → **GetTask**) **v0.3.0 Behavior:** - Operation named `tasks/get` - Returns task with status, artifacts, and optionally history - Less formal specification of what "include history" means **v1.0 Changes:** - **✅ RENAMED:** Operation now **GetTask** - **✅ NEW:** `createdAt` and `lastModified` timestamp fields added to Task object - **✅ CLARIFIED:** More precise specification of history inclusion behavior - **✅ NEW:** Task object now includes `extensions[]` array in messages and artifacts - **✅ CLARIFIED:** Authentication/authorization scoping - servers MUST only return tasks visible to caller ### List Tasks (`tasks/list` → **ListTasks**) **v0.3.0 Behavior:** - Operation unavailable. **v1.0 Changes:** - **✅ NEW:** New operation **ListTasks** with filtering capabilities - **✅ CLARIFIED:** Task visibility scoped to authenticated caller ### Cancel Task (`tasks/cancel` → **CancelTask**) **v0.3.0 Behavior:** - Operation named `tasks/cancel` - Request with taskId, returns Task **v1.0 Changes:** - **✅ RENAMED:** Operation now **CancelTask** - **✅ CLARIFIED:** More precise specification of when cancellation is allowed - **✅ CLARIFIED:** Task state transitions for cancellation scenarios ### Get Agent Card (Well-known URI and **GetExtendedAgentCard**) **v0.3.0 Behavior:** - Discovery via `/.well-known/agent-card.json` - Extended card via `agent/getAuthenticatedExtendedCard` - `supportsAuthenticatedExtendedCard` boolean at top level **v1.0 Changes:** - **✅ RENAMED:** `agent/getAuthenticatedExtendedCard` → **GetExtendedAgentCard** - **✅ BREAKING:** `supportsAuthenticatedExtendedCard` moved to `capabilities.extendedAgentCard` - **✅ NEW:** Canonicalization (RFC 8785) clarified for Agent Card signature - **✅ BREAKING:** `protocolVersion` moved from AgentCard to individual AgentInterface objects - **✅ BREAKING:** `preferredTransport` and `additionalInterfaces` consolidated into `supportedInterfaces[]` - Each interface has `url`, `protocolBinding`, and `protocolVersion` ### Subscribe to task (`tasks/resubscribe` → **SubscribeToTask**) **v0.3.0 Behavior:** - Used `tasks/resubscribe` to reconnect interrupted SSE streams - Backfill behavior implementation-dependent **v1.0 Changes:** - **✅ RENAMED:** Operation now **SubscribeToTask** - **✅ CLARIFIED:** Formal specification of streaming subscription lifecycle - **✅ CLARIFIED:** Stream closure behavior when task reaches terminal state - **✅ CLARIFIED:** Multiple concurrent subscriptions supported per task ### Push Notification Operations **v0.3.0 Operations:** - `tasks/pushNotificationConfig/set` - `tasks/pushNotificationConfig/get` - `tasks/pushNotificationConfig/list` - `tasks/pushNotificationConfig/delete` **v1.0 Changes:** - **✅ RENAMED:** Operations now **CreateTaskPushNotificationConfig**, **GetTaskPushNotificationConfig**, **ListTaskPushNotificationConfigs**, **DeleteTaskPushNotificationConfig** - **✅ NEW:** `createdAt` timestamp field added to PushNotificationConfig - **✅ CLARIFIED:** Push notification payloads now use StreamResponse format - **✅ BREAKING:** model changed for all methods, with TaskPushNotificationConfig flattened ### NEW: Multi-Tenancy Support **v0.3.0:** - No native multi-tenancy support in protocol - Tenants handled implicitly via authentication or URL paths **v1.0 Changes:** - **✅ NEW:** `tenant` field added to all request messages - **✅ NEW:** `tenant` field added to `AgentInterface` to specify default tenant - **✅ CLARIFIED:** Tenant provided per-request, inherited from AgentInterface - **✅ USE CASE:** Enables to serve multiple agents from a single endpoint ### Protocol Simplifications #### ID Format Simplification (#1389) **v0.3.0:** - Some operations used complex compound IDs like `tasks/{taskId}` - Required clients/servers to construct/deconstruct resource names **v1.0 Changes:** - **✅ BREAKING:** All IDs are now simple literals - **✅ BREAKING:** Operations that previously used compound IDs now separate parent and resource ID - Example: `tasks/{taskId}/pushNotificationConfigs/{configId}` → separate `task_id` and `config_id` fields - **✅ BENEFIT:** Simpler to implement - IDs map directly to database keys #### HTTP URL Path Simplification (#1269) **v0.3.0:** - HTTP+JSON binding used `/v1/` prefix in URLs - Example: `POST /v1/message:send` **v1.0 Changes:** - **✅ BREAKING:** Removed `/v1` prefix from HTTP+JSON URL paths - **✅ NEW:** Examples: `POST /message:send`, `GET /tasks/{id}` - **✅ RATIONALE:** Version can be part of the base url if required by agent owner - **✅ BENEFIT:** Cleaner URLs, version management at interface level --- ## Structural Changes in Core Model Objects ### TaskStatus Object **Modified Fields:** - ✅ `state`: **BREAKING** - Enum values changed from lowercase to `SCREAMING_SNAKE_CASE` with `TASK_STATE_` prefix - v0.3.0: `"submitted"`, `"working"`, `"completed"`, `"failed"`, `"canceled"`, `"rejected"`, `"input-required"`, `"auth-required"` - v1.0: `"TASK_STATE_SUBMITTED"`, `"TASK_STATE_WORKING"`, `"TASK_STATE_COMPLETED"`, `"TASK_STATE_FAILED"`, `"TASK_STATE_CANCELED"`, `"TASK_STATE_REJECTED"`, `"TASK_STATE_INPUT_REQUIRED"`, `"TASK_STATE_AUTH_REQUIRED"` - ✅ `timestamp`: Now explicitly ISO 8601 UTC with millisecond precision (YYYY-MM-DDTHH:mm:ss.sssZ) **Removed Fields:** - None **Example Migration:** ```json // v0.3.0 { "status": { "state": "completed", "timestamp": "2024-03-15T10:15:00Z" } } // v1.0 { "status": { "state": "TASK_STATE_COMPLETED", "timestamp": "2024-03-15T10:15:00.000Z" } } ``` ### Message Object **Added Fields:** - ✅ `extensions[]`: Array of extension URIs applicable to this message **Modified Fields:** - ✅ `role`: **BREAKING** - Enum values changed from lowercase to `SCREAMING_SNAKE_CASE` with `ROLE_` prefix - v0.3.0: `"user"`, `"agent"` - v1.0: `"ROLE_USER"`, `"ROLE_AGENT"` **Example Migration:** ```json // v0.3.0 { "role": "user", "parts": [{"kind": "text", "text": "Hello"}] } // v1.0 { "role": "ROLE_USER", "parts": [{"text": "Hello"}], } ``` **Behavior Changes:** - Parts array now uses member-based discrimination instead of `kind` field ### Part Object **BREAKING CHANGE - Complete Redesign:** The Part structure has been completely redesigned in v1.0. Instead of separate TextPart, FilePart, and DataPart message types, there is now a single unified `Part` message. **v0.3.0 Structure (Separate Types):** ```json // Text example { "kind": "text", "text": "Hello world" } // File example { "kind": "file", "file": { "fileWithUri": "https://example.com/doc.pdf", "mimeType": "application/pdf" } } // Data example { "kind": "data", "data": {"key": "value"} } ``` **v1.0 Structure (Unified Part):** ```json // Text example { "text": "Hello world", "mediaType": "text/plain" } // File with URL example { "url": "https://example.com/doc.pdf", "filename": "doc.pdf", "mediaType": "application/pdf" } // File with raw bytes example { "raw": "base64encodedcontent==", "filename": "image.png", "mediaType": "image/png" } // Data example { "data": {"key": "value"}, "mediaType": "application/json" } ``` **Changes:** - ⛔ **REMOVED:** Separate `TextPart`, `FilePart`, and `DataPart` types - ⛔ **REMOVED:** `kind` discriminator field - ⛔ **REMOVED:** Nested `file` object structure - ✅ **NEW:** Single unified `Part` message with `oneof content` field - ✅ **NEW:** Content type determined by which field is present: `text`, `raw`, `url`, or `data` - ✅ **NEW:** `mediaType` field (replaces `mimeType`) - available for all part types - ✅ **NEW:** `filename` field - available for all part types (not just files) - ✅ **NEW:** `raw` field for inline binary content (base64 in JSON) - ✅ **NEW:** `url` field for file references (replaces `file.fileWithUri`) **Migration Examples:** ```typescript // v0.3.0 const textPart = { kind: "text", text: "Hello" }; const filePart = { kind: "file", file: { fileWithUri: "https://...", mimeType: "image/png" } }; const dataPart = { kind: "data", data: { key: "value" } }; // v1.0 const textPart = { text: "Hello", mediaType: "text/plain" }; const filePart = { url: "https://...", mediaType: "image/png", filename: "image.png" }; const dataPart = { data: { key: "value" }, mediaType: "application/json" }; // Discrimination changed from kind field to member presence if (part.kind === "text") { ... } // v0.3.0 if ("text" in part) { ... } // v1.0 ``` ### Artifact Object **Added Fields:** - ✅ `extensions[]`: Array of extension URIs **Modified Fields:** - ✅ `parts[]`: Now uses member-based Part discrimination (see Part changes above) ### AgentCard Object **Added Fields:** - ✅ `supportedInterfaces[]`: Array of `AgentInterface` objects **Removed Fields:** - ⛔ `protocolVersion`: Removed from AgentCard (now in each AgentInterface) - ⛔ `preferredTransport`: Consolidated into `supportedInterfaces` - ⛔ `additionalInterfaces`: Consolidated into `supportedInterfaces` - ⛔ `supportsAuthenticatedExtendedCard`: Moved to `capabilities.extendedAgentCard` - ⛔ `url`: Primary endpoint now in `supportedInterfaces[0].url` **Structure Example:** **v0.3.0:** ```json { "protocolVersion": "0.3", "url": "https://agent.example.com/a2a", "preferredTransport": "JSONRPC", "supportsAuthenticatedExtendedCard": true, "additionalInterfaces": [...] } ``` **v1.0:** ```json { "supportedInterfaces": [ { "url": "https://agent.example.com/a2a", "protocolBinding": "JSONRPC", "protocolVersion": "1.0" } ], "capabilities": { "extendedAgentCard": true }, "signatures": [...] } ``` ### AgentCapabilities Object **Modified Fields:** - ✅ `extendedAgentCard`: Moved from top-level `supportsAuthenticatedExtendedCard` field ### PushNotificationConfig Object **Added Fields:** - ✅ `configId`: Unique identifier for the configuration - ✅ `createdAt`: Timestamp - Configuration creation time **Modified Fields:** - ✅ `authentication`: Enhanced PushNotificationAuthenticationInfo structure ### Stream Event Objects **TaskStatusUpdateEvent:** **v0.3.0:** ```json { "kind": "taskStatusUpdate", "taskId": "...", "contextId": "...", "status": {...}, "final": true } ``` **v1.0:** ```json { "taskStatusUpdate": { "taskId": "...", "contextId": "...", "status": {...} } } ``` **Changes:** - ⛔ **REMOVED:** `kind` discriminator - ⛔ **REMOVED:** `final` boolean field (stream closure indicates completion instead) - ✅ **NEW PATTERN:** Event type determined by JSON member name (`taskStatusUpdate` or `taskArtifactUpdate`) - ✅ **CLARIFIED:** Terminal state indicated by protocol-specific stream closure mechanism **TaskArtifactUpdateEvent:** **v0.3.0:** ```json { "kind": "taskArtifactUpdate", "taskId": "...", "contextId": "...", "artifact": {...} } ``` **v1.0:** ```json { "taskArtifactUpdate": { "taskId": "...", "contextId": "...", "artifact": {...}, "index": 0 } } ``` **Changes:** - ⛔ **REMOVED:** `kind` discriminator - ✅ **NEW PATTERN:** Wrapped in `taskArtifactUpdate` object - ✅ **NEW:** `index` field indicates artifact position in task's artifacts array ### OAuth 2.0 Security Updates (#1303) v1.0 modernizes OAuth 2.0 support in alignment with OAuth 2.0 Security Best Current Practice (BCP). **Removed Flows (Deprecated by OAuth BCP):** - ⛔ `ImplicitOAuthFlow` - Deprecated due to token leakage risks in browser history/logs - ⛔ `PasswordOAuthFlow` - Deprecated due to credential exposure risks **Added Flows:** - ✅ `DeviceCodeOAuthFlow` (RFC 8628) - For CLI tools, IoT devices, and input-constrained scenarios - Provides `device_authorization_url` endpoint - Supports `verification_uri`, `user_code` pattern - Ideal for headless environments **Enhanced Security:** - ✅ `pkce_required` field added to `AuthorizationCodeOAuthFlow` (RFC 7636) - Indicates whether PKCE (Proof Key for Code Exchange) is mandatory - Protects against authorization code interception attacks - Recommended for all OAuth clients, required for public clients **Migration Guide:** ```typescript // v0.3.0 - Implicit Flow (now removed) { "implicitFlow": { "authorizationUrl": "https://auth.example.com/authorize", "scopes": {"read": "Read access"} } } // v1.0 - Use Authorization Code + PKCE instead { "authorizationCodeFlow": { "authorizationUrl": "https://auth.example.com/authorize", "tokenUrl": "https://auth.example.com/token", "pkceRequired": true, "scopes": {"read": "Read access"} } } ``` --- ## New Dependencies on Other Specifications v1.0 introduces several new formal dependencies on industry-standard specifications: ### Added Specifications #### ✅ google.rpc.Status / google.rpc.ErrorInfo - **Purpose:** Standardized error response model with ProtoJSON representation - **Usage:** Error responses for HTTP+JSON and JSON-RPC bindings - **Impact:** Replaces RFC 9457 for HTTP errors. Enforces structured `ErrorInfo` with `reason` and `domain` for A2A-specific errors. #### ✅ RFC 8785 - JSON Canonicalization Scheme (JCS) - **Purpose:** Deterministic JSON serialization for signing - **Usage:** Agent Card signature verification - **Impact:** Enables cryptographic verification of Agent Card integrity - **Details:** Canonical form used before JWS signing (excludes `signatures` field) #### ✅ RFC 7515 - JSON Web Signature (JWS) - **Purpose:** Cryptographic signing standard - **Usage:** Agent Card signatures field - **Impact:** Industry-standard signature format for trust verification - **Details:** Supports detached signatures with public key retrieval via `jku` or trusted keystores #### ✅ Google API Design Guidelines - **Purpose:** gRPC best practices and conventions - **Usage:** gRPC binding design patterns - **Impact:** Better alignment with gRPC ecosystem expectations #### ✅ ISO 8601 - **Purpose:** Timestamp format standard - **Usage:** All timestamp fields (createdAt, lastModified, timestamp) - **Impact:** Explicit format requirement: UTC with millisecond precision (YYYY-MM-DDTHH:mm:ss.sssZ) ### Existing Dependencies (Retained from v0.3.0) - JSON-RPC 2.0 - gRPC / Protocol Buffers 3 - HTTP/HTTPS (various RFCs) - Server-Sent Events (SSE) - W3C specification - RFC 8615 - Well-known URIs - OAuth 2.0, OpenID Connect (for authentication) - TLS (RFC 8446 recommended) ### Complementary Protocol **Model Context Protocol (MCP):** - Relationship clarified: MCP handles tool/resource integration, A2A handles agent-to-agent coordination - Protocols are complementary, not competing - Agents may support both protocols for different use cases --- ## Impact on Developers ### Breaking Changes Requiring Code Updates #### 1. Part Type Unification (CRITICAL IMPACT) The most significant breaking change: TextPart, FilePart, and DataPart types have been removed and replaced with a single unified Part structure. **Before (v0.3.0):** ```typescript // Separate types with kind discriminator if (part.kind === "text") { return part.text; } else if (part.kind === "file") { if (part.file.fileWithUri) { return fetchFile(part.file.fileWithUri); } else { return part.file.fileWithBytes; } } else if (part.kind === "data") { return part.data; } ``` **After (v1.0):** ```typescript // Unified Part with oneof content if ("text" in part) { return part.text; } else if ("url" in part) { return fetchFile(part.url); } else if ("raw" in part) { return decodeBase64(part.raw); } else if ("data" in part) { return part.data; } ``` #### 2. Stream Event Discriminator Pattern (HIGH IMPACT) Stream events changed from kind-based to wrapper-based discrimination: **Before (v0.3.0):** ```typescript if (event.kind === "taskStatusUpdate") { handleStatusUpdate(event); } else if (event.kind === "taskArtifactUpdate") { handleArtifactUpdate(event); } ``` **After (v1.0):** ```typescript if ("taskStatusUpdate" in event) { handleStatusUpdate(event.taskStatusUpdate); } else if ("taskArtifactUpdate" in event) { handleArtifactUpdate(event.taskArtifactUpdate); } ``` #### 3. Agent Card Structure (HIGH IMPACT) Agent discovery and capability checking requires updates: **Before (v0.3.0):** ```typescript const endpoint = agentCard.url; const transport = agentCard.preferredTransport; const supportsExtended = agentCard.supportsAuthenticatedExtendedCard; ``` **After (v1.0):** ```typescript const primaryInterface = agentCard.supportedInterfaces[0]; const endpoint = primaryInterface.url; const transport = primaryInterface.protocolBinding; const supportsExtended = agentCard.capabilities.extendedAgentCard; ``` #### 4. Pagination (MEDIUM IMPACT) List Tasks implementation must switch from page-based to cursor-based: **Before (v0.3.0):** ```typescript const response = await listTasks({ page: 1, perPage: 50 }); ``` **After (v1.0):** ```typescript let cursor = undefined; do { const response = await listTasks({ cursor, limit: 50 }); // process response.tasks cursor = response.nextCursor; } while (cursor); ``` #### 5. Enum Value Changes (HIGH IMPACT) All enum values now use SCREAMING_SNAKE_CASE with type prefixes: **TaskState:** ```typescript // v0.3.0 if (task.status.state === "completed") { ... } if (task.status.state === "input-required") { ... } // v1.0 if (task.status.state === "TASK_STATE_COMPLETED") { ... } if (task.status.state === "TASK_STATE_INPUT_REQUIRED") { ... } ``` **MessageRole:** ```typescript // v0.3.0 const message = { role: "user", parts: [...] }; // v1.0 const message = { role: "ROLE_USER", parts: [...] }; ``` **Complete Mapping:** - `"submitted"` → `"TASK_STATE_SUBMITTED"` - `"working"` → `"TASK_STATE_WORKING"` - `"completed"` → `"TASK_STATE_COMPLETED"` - `"failed"` → `"TASK_STATE_FAILED"` - `"canceled"` → `"TASK_STATE_CANCELED"` - `"rejected"` → `"TASK_STATE_REJECTED"` - `"input-required"` → `"TASK_STATE_INPUT_REQUIRED"` - `"auth-required"` → `"TASK_STATE_AUTH_REQUIRED"` - `"user"` → `"ROLE_USER"` - `"agent"` → `"ROLE_AGENT"` #### 6. Field Name Changes (LOW IMPACT) - `file.mimeType` → `mediaType` - Operation names (aliases provided during transition) #### 7. Standardized Error Handling via google.rpc.Status (HIGH IMPACT) HTTP+JSON error responses have been updated to use the ProtoJSON representation of `google.rpc.Status` instead of RFC 9457 (Problem Details). JSON-RPC and HTTP+JSON bindings now use `google.rpc.ErrorInfo` within the `data` / `details` array to provide A2A-specific error context. **Changes:** - **HTTP+JSON Content-Type:** Changed from `application/problem+json` to `application/json`. - **Error Model:** Uses `google.rpc.Status` fields (`code`, `message`, `details`). - **A2A Error Info:** MUST include a `google.rpc.ErrorInfo` object in `details` with `reason` (UPPER_SNAKE_CASE from A2A error types) and `domain: "a2a-protocol.org"`. **JSON-RPC Example Migration:** ```json // v0.3.0 "error": { "code": -32001, "message": "Task not found", "data": { "taskId": "123" } } // v1.0 "error": { "code": -32001, "message": "Task not found", "data": [ { "@type": "type.googleapis.com/google.rpc.ErrorInfo", "reason": "TASK_NOT_FOUND", "domain": "a2a-protocol.org", "metadata": { "taskId": "123" } } ] } ``` **HTTP+JSON Example Migration:** ```http // v0.3.0 (Draft using RFC 9457) HTTP/1.1 404 Not Found Content-Type: application/problem+json { "type": "https://a2a-protocol.org/errors/task-not-found", "title": "Task Not Found", "status": 404, "detail": "The specified task ID does not exist" } // v1.0 HTTP/1.1 404 Not Found Content-Type: application/json { "error": { "code": 404, "status": "NOT_FOUND", "message": "The specified task ID does not exist", "details": [ { "@type": "type.googleapis.com/google.rpc.ErrorInfo", "reason": "TASK_NOT_FOUND", "domain": "a2a-protocol.org" } ] } } ``` ### New Capabilities to Leverage #### 1. Execution Mode Control ```typescript // Wait for task completion (Default) const result = await sendMessage(message, { returnImmediately: false }); // Return immediately, poll later const task = await sendMessage(message, { returnImmediately: true }); ``` #### 2. Agent Card Signature Verification ```typescript if (agentCard.signatures && agentCard.signatures.length > 0) { const verified = await verifyAgentCardSignature(agentCard); if (!verified) { throw new Error("Agent Card signature verification failed"); } } ``` #### 3. Extension Requirements ```typescript const requiredExtensions = agentCard.extensions .filter(ext => ext.required) .map(ext => ext.uri); // Check if client supports required extensions if (!clientSupportsAll(requiredExtensions)) { throw new Error("Missing required extension support"); } ``` #### 4. Enhanced Timestamp Tracking ```typescript const taskAge = Date.now() - new Date(task.createdAt).getTime(); const timeSinceUpdate = Date.now() - new Date(task.lastModified).getTime(); ``` #### 5. Versioning Negotiation ```typescript // Client sends A2A-Version header headers["A2A-Version"] = "1.0"; // Server validates and rejects if unsupported if (!supportedVersions.includes(requestedVersion)) { throw new VersionNotSupportedError(); } ``` ### Migration Strategy Recommendations #### Phase 1: Compatibility Layer 1. Add support for parsing both old and new discriminator patterns 2. Implement version detection based on protocol version 3. Support both Agent Card structures during transition #### Phase 2: Dual Support 1. Update all APIs to emit v1.0 format 2. Maintain backward compatibility readers for v0.3.0 3. Add A2A-Version header handling 4. Implement cursor-based pagination alongside legacy page-based #### Phase 3: v1.0 Only 1. Deprecate v0.3.0 compatibility code 2. Remove legacy discriminator parsing 3. Remove page-based pagination 4. Clean up dual-format support code #### Backward Compatibility Strategy (#1401) v1.0 introduces a formal approach to protocol versioning that enables SDK backward compatibility. **Protocol Version Per Interface:** - Each `AgentInterface` now specifies its own `protocolVersion` field - Agents can support multiple protocol versions simultaneously by exposing multiple interfaces - Clients negotiate version by selecting appropriate interface from Agent Card **SDK Implementation Pattern:** ```typescript // SDK can support multiple protocol versions class A2AClient { async connect(agentCardUrl: string) { const card = await this.getAgentCard(agentCardUrl); // Find best matching interface const interface = card.supportedInterfaces.find(i => this.supportedVersions.includes(i.protocolVersion) ); if (!interface) { throw new Error("No compatible protocol version"); } // Use version-specific adapter return this.createAdapter(interface.protocolVersion, interface); } } ``` **Benefits:** - SDKs can maintain support for multiple protocol versions - Agents can gradually migrate by supporting both old and new versions - Clients automatically select best compatible version - Enables graceful deprecation of old protocol versions ### Testing Considerations - Test with both v0.3.0 and v1.0 formatted data - Validate Agent Card signature verification - Test cursor-based pagination edge cases (empty results, single page, etc.) - Verify proper handling of new error types - Test extension requirement validation ### Recommended Priority #### Critical (Do Immediately) - Update Part and streaming event parsing (discriminator pattern) - Update Agent Card parsing (structure changes) - Add A2A-Version header to all requests #### High (Within 1 Month) - Implement cursor-based pagination - Update enum value handling (state field) - Add return_immediately parameter support #### Medium (Within 3 Months) - Implement Agent Card signature verification - Add extension requirement checking - Update timestamp handling to ISO 8601 format - Implement new error types #### Low (Nice to Have) - Add createdAt/lastModified timestamp tracking - Leverage enhanced metadata capabilities - Implement mutual TLS authentication support --- ## Conclusion A2A Protocol v1.0 represents a significant step forward in protocol maturity while maintaining the core architectural principles of v0.3.0. The changes focus on standardization, type safety, and enterprise readiness, requiring developers to update their implementations but providing clearer specifications and better developer experience in return. The breaking changes, while requiring code updates, are straightforward to implement and improve code clarity. The new capabilities around versioning, signatures, and enhanced extensions provide a solid foundation for future protocol evolution within the v1.x line. Developers should plan for a phased migration approach, prioritizing the critical breaking changes while gradually adopting new capabilities over time. ================================================ FILE: lychee.toml ================================================ exclude = [ 'https://fonts.gstatic.com/', 'https://fonts.googleapis.com/', 'https://medium.com/', 'https://x.com/', 'http://localhost:12000/', 'http://localhost:10020/', 'https://goo.gle/', ] exclude_path = [ ".github/actions/spelling", "CHANGELOG.md", "docs/partners.md", "docs/robots.txt", "docs/llms.txt", "docs/spec/a2a.json", "docs/spec-proto.md", "docs/sdk/python.md", ] accept = ["200..=299", 403, 408, 429] max_retries = 0 skip_missing = true ================================================ FILE: mkdocs.yml ================================================ # Project information site_name: A2A Protocol site_url: https://a2a-protocol.org/ site_description: >- The official documentation for the Agent2Agent (A2A) protocol. The A2A protocol is an open standard that allows different AI agents to securely communicate, collaborate, and solve complex problems together. site_author: The Linux Foundation site_dir: site edit_uri: edit/main/docs/ # Exclude files from the docs directory exclude_docs: | README.md extra: a2a_version: !ENV [MIKE_VERSION, "dev"] analytics: provider: google property: G-RB39M83WHB # Navigation nav: - Home: index.md - 🆕 Announcing Version 1.0: announcing-1.0.md - Documentation: - What is A2A?: topics/what-is-a2a.md - Core Concepts: topics/key-concepts.md - Agent Discovery: topics/agent-discovery.md - Enterprise Features: topics/enterprise-ready.md - Life of a Task: topics/life-of-a-task.md - Extensions: topics/extensions.md - Streaming & Asynchronous Operations: topics/streaming-and-async.md - A2A and MCP: topics/a2a-and-mcp.md - Tutorials and Samples: - tutorials/index.md - Quickstart (Python): - Introduction: tutorials/python/1-introduction.md - Setup: tutorials/python/2-setup.md - Agent Skills & Agent Card: tutorials/python/3-agent-skills-and-card.md - Agent Executor: tutorials/python/4-agent-executor.md - Start Server: tutorials/python/5-start-server.md - Interact with Server: tutorials/python/6-interact-with-server.md - Streaming & Multiturn: tutorials/python/7-streaming-and-multiturn.md - Next Steps: tutorials/python/8-next-steps.md - DeepLearning.AI Course: https://goo.gle/dlai-a2a - Specification: - Overview: specification.md - What's New in v1.0: whats-new-v1.md - Protocol Definition: definitions.md - SDK Reference: - sdk/index.md - Python: sdk/python/api/index.html - Community: community.md - Partners: partners.md - Roadmap: roadmap.md # Repository repo_name: a2aproject/A2A repo_url: https://github.com/a2aproject/A2A # Copyright copyright: Copyright 2026 The Linux Foundation. Licensed under the Apache License, Version 2.0. # Custom CSS extra_css: - stylesheets/custom.css # Configuration theme: name: material custom_dir: .mkdocs/overrides font: text: Google Sans code: Roboto Mono logo: assets/a2a-logo-white.svg favicon: assets/a2a-logo-black.svg icon: repo: fontawesome/brands/github view: material/pencil-box-multiple admonition: note: fontawesome/solid/note-sticky abstract: fontawesome/solid/book info: fontawesome/solid/circle-info tip: fontawesome/solid/bullhorn success: fontawesome/solid/check question: fontawesome/solid/circle-question warning: fontawesome/solid/triangle-exclamation failure: fontawesome/solid/bomb danger: fontawesome/solid/skull bug: fontawesome/solid/robot example: fontawesome/solid/flask quote: fontawesome/solid/quote-left palette: - scheme: default primary: indigo accent: white features: - announce.dismiss - content.action.view - content.code.annotate - content.code.copy - content.code.select - content.tabs.link - navigation.footer - navigation.indexes - navigation.instant - navigation.instant.progress - navigation.path - navigation.top - navigation.tracking - toc.follow - versioning: provider: mike # Extensions markdown_extensions: - meta - footnotes - admonition - attr_list - md_in_html - pymdownx.details - pymdownx.emoji: emoji_index: !!python/name:material.extensions.emoji.twemoji emoji_generator: !!python/name:material.extensions.emoji.to_svg - pymdownx.highlight: anchor_linenums: true line_spans: __span pygments_lang_class: true - pymdownx.inlinehilite - pymdownx.snippets: base_path: . url_download: true dedent_subsections: true - pymdownx.superfences: custom_fences: - name: mermaid class: mermaid format: !!python/name:pymdownx.superfences.fence_code_format - pymdownx.tabbed: alternate_style: true slugify: !!python/object/apply:pymdownx.slugs.slugify kwds: case: lower - toc: permalink: true # Plugins plugins: - search - macros: module_name: .mkdocs/macros - redirects: redirect_maps: "specification/overview.md": "specification.md" "specification/agent-card.md": "specification.md#5-agent-discovery-the-agent-card" "specification/agent-to-agent-communication.md": "specification.md#6-protocol-data-objects" "specification/sample-messages.md": "specification.md#9-common-workflows-examples" "specification/details.md": "specification.md" "documentation.md": "topics/key-concepts.md" "resources.md": "index.md" "topics/push-notifications.md": "topics/streaming-and-async.md" "specification/topics/a2a_and_mcp.md": "topics/a2a-and-mcp.md" "specification/topics/agent_discovery.md": "topics/agent-discovery.md" "specification/topics/enterprise_ready.md": "topics/enterprise-ready.md" "specification/topics/push_notification.md": "topics/streaming-and-async.md" "specification/topics/push_notifications.md": "topics/streaming-and-async.md" "topics/index.md": "topics/what-is-a2a.md" "topics/roadmap.md": "roadmap.md" # Tutorial "tutorials/python/index.md": "tutorials/python/1-introduction.md" "tutorials/python/1_introduction.md": "tutorials/python/1-introduction.md" "tutorials/python/3-create-project.md": "tutorials/python/2-setup.md" "tutorials/python/4-agent-skills.md": "tutorials/python/3-agent-skills-and-card.md" "tutorials/python/5-add-agent-card.md": "tutorials/python/3-agent-skills-and-card.md" "tutorials/python/6-start-server.md": "tutorials/python/5-start-server.md" "tutorials/python/7-interact-with-server.md": "tutorials/python/6-interact-with-server.md" "tutorials/python/8-agent-capabilities.md": "tutorials/python/7-streaming-and-multiturn.md" "tutorials/python/9-ollama-agent.md": "tutorials/python/7-streaming-and-multiturn.md" "tutorials/python/10-next-steps.md": "tutorials/python/8-next-steps.md" - mike: canonical_version: latest ================================================ FILE: requirements-docs.txt ================================================ mkdocs-material mkdocs-redirects a2a-sdk[all] mike mkdocs-macros-plugin sphinx furo myst-parser proto-schema-parser tabulate ================================================ FILE: scripts/build_docs.sh ================================================ #!/bin/bash set -euo pipefail # Unified docs build script that ensures the non-normative JSON artifact is # regenerated (if stale) before invoking MkDocs. Uses pure shell. ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)" SCHEMA_JSON="$ROOT_DIR/specification/json/a2a.json" PROTO_SRC="$ROOT_DIR/specification/a2a.proto" SPEC_SITE_DIR="$ROOT_DIR/docs/spec" SCHEMA_JSON_SITE_FILE="$SPEC_SITE_DIR/a2a.json" PROTO_SITE_FILE="$SPEC_SITE_DIR/a2a.proto" PROTO_TO_SCHEMA_SCRIPT="$ROOT_DIR/scripts/proto_to_json_schema.sh" regen_needed() { if [ ! -f "$SCHEMA_JSON" ]; then return 0; fi local proto_mtime local schema_mtime if [[ "$(uname)" == "Darwin" ]]; then proto_mtime=$(stat -f %m "$PROTO_SRC") schema_mtime=$(stat -f %m "$SCHEMA_JSON") else proto_mtime=$(stat -c %Y "$PROTO_SRC") schema_mtime=$(stat -c %Y "$SCHEMA_JSON") fi [ "$proto_mtime" -gt "$schema_mtime" ] } echo "[build_docs] Checking schema freshness..." >&2 if regen_needed; then echo "[build_docs] Regenerating a2a.json from proto" >&2 if [ -x "$PROTO_TO_SCHEMA_SCRIPT" ]; then bash "$PROTO_TO_SCHEMA_SCRIPT" "$SCHEMA_JSON" || { echo "[build_docs] Warning: proto to JSON schema conversion failed" >&2 } else echo "[build_docs] proto_to_json_schema.sh missing or not executable; skipping schema generation." >&2 fi else echo "[build_docs] Schema is up-to-date, skipping regeneration" >&2 fi # Always ensure spec files are available in docs directory for MkDocs mkdir -p "$SPEC_SITE_DIR" if [ -f "$SCHEMA_JSON" ]; then cp "$SCHEMA_JSON" "$SCHEMA_JSON_SITE_FILE" echo "[build_docs] Published schema to $SCHEMA_JSON_SITE_FILE" >&2 else echo "[build_docs] Warning: Schema file not found at $SCHEMA_JSON - MkDocs may fail" >&2 fi if [ -f "$PROTO_SRC" ]; then cp "$PROTO_SRC" "$PROTO_SITE_FILE" echo "[build_docs] Published proto to $PROTO_SITE_FILE" >&2 else echo "[build_docs] Warning: Proto file not found at $PROTO_SRC" >&2 fi # Build SDK documentation echo "[build_docs] Building SDK documentation..." >&2 SDK_DOCS_SCRIPT="$ROOT_DIR/scripts/build_sdk_docs.sh" if [ -x "$SDK_DOCS_SCRIPT" ]; then bash "$SDK_DOCS_SCRIPT" || echo "[build_docs] Warning: SDK docs build failed" >&2 else echo "[build_docs] SDK docs script not found or not executable: $SDK_DOCS_SCRIPT" >&2 fi # Add venv bin to PATH to ensure mike finds mkdocs and plugins if [ -d "$ROOT_DIR/.doc-venv/bin" ]; then export PATH="$ROOT_DIR/.doc-venv/bin:$PATH" fi if [ "${1:-}" = "deploy" ]; then shift echo "[build_docs] Deploying with mike..." >&2 mike deploy "$@" else echo "[build_docs] Building MkDocs site..." >&2 mkdocs build "$@" fi echo "[build_docs] Done." >&2 ================================================ FILE: scripts/build_llms_full.sh ================================================ #!/bin/bash set -e # This script concatenates all documentation and specification files # into a single file for LLM consumption. # --- Configuration --- OUTPUT_FILE="docs/llms-full.txt" DOCS_DIR="docs" SPEC_DIR="specification" SDK_DOCS_SCRIPT="scripts/build_sdk_docs.sh" PROJECT_NAME="A2A (Agent2Agent) Protocol" echo "--- Generating consolidated LLM file: ${OUTPUT_FILE} ---" # --- Generate Python SDK Text Documentation --- if [ -f "$SDK_DOCS_SCRIPT" ]; then echo "Generating Python SDK documentation..." bash "$SDK_DOCS_SCRIPT" else echo "Warning: SDK docs script not found at $SDK_DOCS_SCRIPT" fi # Clear the output file and add introduction cat <