Connect Paradym to AI agents

Connect Paradym to Claude, Codex, Cursor, or other AI agents for your entire team. Metorial security, governance, observability, and gives your team a unified Magic MCP url to connect.

Supported Tools

manage_trusted_entity

Manage Trusted Entity

Create or update a trusted entity to restrict which issuers are accepted during credential verification. Trusted entities can include DIDs and X.509 certificates, and are linked to presentation templates.

revoke_credentials

Revoke Credentials

Batch-revoke one or more previously issued credentials. Supports both SD-JWT and AnonCreds credentials. Optionally notify the holder's wallet about the revocation via DIDComm Revocation Notification.

create_verification_request

Create Verification Request

Create a credential verification request to ask a holder to present their credentials. Supports both **OpenID4VC** (for SD-JWT VC and mDOC) and **DIDComm** (for AnonCreds) protocols. Returns a URI/QR code the holder can scan to present their credentials.

get_verification_session

Get Verification Session

Retrieve details and results of a credential verification session. Use this to check if a holder has presented their credentials and to access the verified credential data.

issue_credential

Issue Credential

Issue a verifiable credential to a holder. Supports three methods: - **openid4vc**: Creates an OpenID4VC issuance offer with a scannable URI/QR code for SD-JWT VC credentials. - **didcomm**: Creates a DIDComm issuance offer for AnonCreds credentials via invitation or existing connection. - **direct**: Directly signs and returns an SD-JWT VC credential without an exchange protocol.

manage_didcomm_connection

Manage DIDComm Connection

Create DIDComm invitations, receive invitations, or update existing connections. DIDComm connections enable secure messaging and credential exchange between parties. Invitations can be single-use or reusable.

list_credential_templates

List Credential Templates

Retrieve credential templates configured in a Paradym project. Returns templates for all supported formats (SD-JWT VC, mDOC, AnonCreds) including their attributes, branding, issuer settings, and revocability configuration.

list_issued_credentials

List Issued Credentials

Retrieve metadata about issued credentials in a Paradym project. Use this to track the status of credentials, filter by format or revocation status, and find credential IDs for revocation.

manage_presentation_template

Manage Presentation Template

Create or update a presentation template that defines what credentials and attributes to request from a holder during verification. Supports SD-JWT VC, mDOC, and AnonCreds credential formats. Each template can request up to 20 credentials with attribute constraints (value, range, type).

list_didcomm_connections

List DIDComm Connections

Retrieve DIDComm connections established in a Paradym project. Connections are used for credential issuance, verification, and secure messaging between parties.

create_credential_template

Create Credential Template

Create a new credential template in Paradym. Supports three formats: **sd-jwt-vc** (SD-JWT VC over OpenID4VC), **mdoc** (ISO 18013-5 mDOC/mDL over OpenID4VC), and **anoncreds** (AnonCreds over DIDComm). Configure typed attributes, visual branding, validity periods, and revocability.

list_trusted_entities

List Trusted Entities

Retrieve trusted entities configured in a Paradym project. Trusted entities define which issuers (identified by DIDs or X.509 certificates) are accepted during credential verification.

list_presentation_templates

List Presentation Templates

Retrieve presentation templates configured in a Paradym project. Presentation templates define what credentials and attributes to request from a holder during verification.

list_projects

List Projects

Retrieve all Paradym projects accessible to the authenticated user. Each project provides multi-tenancy with its own templates, sessions, and settings.

get_issuance_session

Get Issuance Session

Retrieve details of a credential issuance session. Use this to check the current status of an OpenID4VC or DIDComm issuance offer, including whether the credential has been accepted by the holder.

list_dids

List DIDs

Retrieve Decentralized Identifiers (DIDs) available in a Paradym project. DIDs are used as issuer and verifier identifiers when creating credential and presentation templates. Supports did:web and did:cheqd methods.

More integrations teams use with Paradym

Firebase

Manage backend services for mobile and web applications. Create, read, update, and delete documents in Cloud Firestore and Realtime Database. Manage user accounts including creating, updating, deleting, and listing users with authentication support. Send push notifications and data messages to devices, topics, and device groups via Cloud Messaging (FCM). Upload, download, and delete files in Cloud Storage. Read and publish Remote Config templates to change app behavior remotely. Deploy and manage serverless Cloud Functions triggered by database events, authentication events, storage events, and HTTP requests. Stream real-time database changes via Server-Sent Events. Query databases with filters, ordering, and pagination. Perform batch writes and transactions in Firestore. Generate and verify custom tokens and ID tokens for user authentication.

Kibana

Manage Kibana resources and the Elastic Stack visualization layer programmatically. Create, import, export, and organize saved objects such as dashboards, visualizations, and data views across spaces. Configure alerting rules with threshold, query, and metric conditions, and connect them to actions via connectors (email, Slack, PagerDuty, webhook, Jira, ServiceNow, and more). Manage data views (index patterns) that define which Elasticsearch indices Kibana queries. Create and organize spaces to separate dashboards and objects into meaningful categories. Track incidents with cases, define and monitor Service Level Objectives (SLOs), manage Fleet agent policies and enrollments, configure security detection rules for SIEM, and control role-based access with Kibana feature privileges.

Kubernetes

Manage and orchestrate containerized applications on Kubernetes clusters. Create, update, scale, and delete workloads including Pods, Deployments, StatefulSets, DaemonSets, Jobs, and CronJobs. Configure service discovery and load balancing through Services, Ingress, and Endpoints. Manage configuration and storage with ConfigMaps, Secrets, PersistentVolumes, and StorageClasses. Control access with Namespaces, RBAC roles and bindings, ServiceAccounts, and NetworkPolicies. Administer cluster infrastructure including Nodes, ResourceQuotas, LimitRanges, and PriorityClasses. Autoscale workloads with HorizontalPodAutoscaler and VerticalPodAutoscaler. Define and manage Custom Resource Definitions (CRDs) to extend cluster functionality. Watch resources in real time for create, modify, and delete events. Configure admission webhooks to validate or mutate resources before persistence.

Cloudflare

Manage internet infrastructure including DNS records, domains, and zone settings. Deploy and configure serverless Workers scripts, R2 object storage buckets, and Pages deployments. Configure security rules including WAF, firewall rules, rate limiting, DDoS protection, and IP access controls. Manage SSL/TLS certificates, load balancers, origin pools, and health monitors. Upload and deliver video content via Cloudflare Stream. Access traffic, DNS, and security analytics via GraphQL. Configure Zero Trust Access applications, Gateway policies, and Tunnel connections. Set up alerting and webhook notifications for security events, health checks, certificate status, and usage thresholds. Register and manage domains, account members, roles, and API tokens.

Auth 0

Manage users, roles, permissions, and identity provider connections for authentication and authorization. Create, read, update, and delete users across identity connections. Configure social, enterprise, and passwordless authentication methods. Assign roles and permissions using role-based access control (RBAC). Register and manage applications and API resource servers. Set up multi-factor authentication (MFA) including SMS, email, TOTP, and WebAuthn. Create organizations for multi-tenant B2B scenarios and invite members. Build custom serverless Actions for login, registration, and password change flows. Configure custom domains, email templates, branding, and attack protection. Import and export users in bulk. Retrieve authentication logs and audit events. Manage client grants and log streams for event delivery.

Okta

Manage identity and access management for organizations. Create, update, deactivate, and search users. Manage groups and group memberships. Assign users and groups to applications. Configure multi-factor authentication enrollment and verification. Create and manage OAuth 2.0 authorization servers, scopes, claims, and access policies. Set sign-on, password, and MFA enrollment policies. Query system logs for auditing and troubleshooting. Manage user sessions, devices, and inline hooks for customizing authentication flows. Supports webhooks for user authentication, lifecycle, group, application, policy, and security events.

Technical notes for Paradym

Issue, verify, and revoke verifiable credentials using SD-JWT VC, mDOC, and AnonCreds formats over OpenID4VC and DIDComm protocols. Create and manage credential templates with typed attributes, branding, and revocability settings. Define presentation templates to request and verify credentials from holders. Manage trusted entities (X.509 certificates and DIDs) to restrict accepted issuers during verification. Configure attribute providers to dynamically populate credentials from external systems. Establish and manage DIDComm connections for secure messaging and credential exchange. Manage projects and team members for multi-tenant environments. Receive webhook notifications for issuance and verification session events.

Connect Paradym to production AI agents

See how Metorial gives Paradym access the governance, tracing, and security controls teams need.

Frequently asked questions

Common questions about connecting Paradym to AI agents with Metorial.

  1. Can Metorial connect Paradym to AI agents?
    Yes. Metorial connects AI agents to Paradym through a governed integration layer, so teams can use the provider while keeping access controlled and observable.
  2. Metorial is MCP compatible and lets teams expose approved provider tools to MCP-capable agents and clients through a controlled access layer.
  3. Metorial applies policies across users, groups, providers, agents, and individual tools, then records the context around every agent interaction.
  4. Yes. Metorial records provider activity so teams can inspect tool calls, troubleshoot integrations, and give security teams the visibility they need.