Agent Discovery & ANS
How agents find each other—from well-known URIs to OWASP's Agent Name Service architecture.
Communication protocols are necessary but not sufficient. Agents cannot collaborate if they cannot locate or identify each other. In enterprises, this extends beyond network connectivity to knowing which agents exist, what roles they play, and whether they are approved for use.
The Discovery Challenge
🎯 Capability Awareness
Agents need to understand what others can do before delegating tasks.
✅ Trustworthiness
Not every discovered agent is safe. Ownership and compliance must be verified.
🏛️ Governance
Enterprises must track which agents are registered and who maintains them.
🔄 Dynamic Environments
New agents are introduced frequently. Discovery must adapt without breaking workflows.
Discovery Approaches
🌐 Well-Known URI (Agent Card)
Agents publish a digital "business card" at a predictable location on their domain—like DNS for agents.
- Good for open ecosystems or intra-company discoverability
- Every business unit can expose standard agents this way
- If you know the domain, you can locate the agent
📚 Curated Registries
Centralized catalogs where Agent Cards are published and indexed.
- Enterprises can operate internal registries with policy layers
- Search by skill ("find agents that handle compliance")
- Apply compliance and trust policies at registry level
- Public registries could emerge like app stores
🔐 Direct Configuration
For tightly controlled environments, agents are configured manually with known counterparts.
- Useful when relationships are static or sensitive
- Provides higher privacy and isolation
- Limited flexibility—changes require reconfiguration
Agent Name Service (ANS)
OWASP's ANS is a comprehensive discovery system analogous to DNS but designed for agents. It provides identity verification, capability lookup, and secure communication establishment.
Discovery Request Initiation
A public-facing AI Agent sends a discovery request to the ANS Service, similar to how a browser queries DNS.
Directory Lookup via ANS Service
The ANS Service acts as the central directory, querying the AI Agent Registry to locate the target agent's identity, capabilities, and endpoint.
Identity Verification (CA)
The AI Agent Registry consults the Certificate Authority. Using PKI, the CA verifies the digital certificate to ensure authenticity.
Registration Validation (RA)
The Registration Authority checks the legitimacy of the agent's registration, confirming credentials and capabilities are valid.
Protocol Translation
The Protocol Adapter Layer translates messages between agents using different protocols (A2A, MCP, ACP), ensuring cross-platform communication.
Secure Communication Established
With identity verified and protocols aligned, the requesting agent can now securely interact with the discovered agent.
Security & Trust
🛡️ Protecting Agent Cards
Agent Cards describe identity and access rules. If published without access controls, they can leak sensitive details.
📊 Tiered Disclosure
Reveal limited information publicly and richer details only to trusted peers. Selective disclosure prevents oversharing.
🔑 Access Control
Only authorized clients see detailed capabilities. Authenticate callers via OAuth2, tokens, or enterprise IAM.
🏢 Enterprise Governance
Discovery is risk management. Enterprises decide which agents are trusted and allowed.
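The Tiered Disclosure and Access Control points above, as an added example (not OWASP's or any protocol's own code): a default-deny filter that returns a different view of one Agent Card depending on the caller's token scopes. The card fields, tier names and scope strings are assumptions made for illustration, and the scopes are assumed to come from a token that has already been validated.

```python
from copy import deepcopy

# Constructed sample card; every field name here is hypothetical.
FULL_CARD = {
    "name": "compliance-reviewer",
    "description": "Reviews documents for policy compliance",
    "url": "https://agents.example.com/compliance",
    "owner": "risk-engineering@example.com",
    "auth": {"scheme": "oauth2", "token_url": "https://idp.example.com/token"},
    "skills": [
        {"id": "policy-check", "summary": "Check text against policy",
         "input_schema": {"type": "object"}, "internal_tools": ["dlp-scan"]},
        {"id": "legal-hold", "summary": "Place legal hold", "min_tier": "partner",
         "input_schema": {"type": "object"}, "internal_tools": ["case-db"]},
    ],
    "internal_notes": "runs in prod-cluster-7",
}

TIERS = ["public", "authenticated", "partner"]  # ascending trust
# Allowlists: a field that is not named for a tier is never disclosed.
CARD_FIELDS = {
    "public": {"name", "description", "auth"},
    "authenticated": {"name", "description", "auth", "url", "skills"},
    "partner": {"name", "description", "auth", "url", "skills", "owner"},
}
SKILL_FIELDS = {
    "authenticated": {"id", "summary"},
    "partner": {"id", "summary", "input_schema"},
}
SCOPE_TO_TIER = {"agentcard:read": "authenticated", "agentcard:read.partner": "partner"}

def tier_for(scopes):
    """Highest tier granted by the scopes; no or unknown scopes mean public."""
    granted = [SCOPE_TO_TIER[s] for s in (scopes or ()) if s in SCOPE_TO_TIER]
    return max(granted, key=TIERS.index, default="public")

def disclose(card, scopes):
    """Return the view of `card` that a caller holding `scopes` may see."""
    tier = tier_for(scopes)
    view = {k: deepcopy(v) for k, v in card.items() if k in CARD_FIELDS[tier]}
    if "skills" in view:
        rank = TIERS.index(tier)
        # Skills default to the authenticated tier unless they ask for more.
        view["skills"] = [
            {k: v for k, v in s.items() if k in SKILL_FIELDS[tier]}
            for s in view["skills"]
            if TIERS.index(s.get("min_tier", "authenticated")) <= rank
        ]
    return view
```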
Discovery is the directory layer of multi-agent systems. Without it, agents are isolated islands that cannot find each other to collaborate.