Skip to main content
The Agents API gives you a read-only inventory of every AI agent Trident has observed signals for in your project. For each agent you get its latest Trident certificate score, cert status, open finding counts, and the timestamp of its most recent finding. This is the same data the Agents page in the dashboard renders, available programmatically for dashboards, alerting pipelines, and CI gates.

GET /api/public/trident/agents

Fetch the full agent inventory for your project, sorted by critical finding count descending. Endpoint: GET https://app.usetrident.dev/api/public/trident/agents Authentication: HTTP Basic — see Authentication

Query parameters

agentId
string
Filter the response to a single agent by its exact ID. Omit to return all agents in the project.

Example request

curl
CREDENTIALS=$(echo -n "$TRIDENT_PROJECT_PUBLIC_KEY:$TRIDENT_PROJECT_SECRET_KEY" | base64)

curl "https://app.usetrident.dev/api/public/trident/agents" \
  -H "Authorization: Basic $CREDENTIALS" \
  -H "Accept: application/json"

Example response

{
  "count": 3,
  "agents": [
    {
      "agentId": "prod-rag-assistant",
      "displayName": null,
      "latestCertScore": 81.5,
      "certStatus": "ACTIVE",
      "openFindings": 4,
      "criticalFindings": 1,
      "lastFindingAt": "2025-06-10T14:22:07.000Z"
    },
    {
      "agentId": "staging-code-reviewer",
      "displayName": null,
      "latestCertScore": 74.0,
      "certStatus": "ACTIVE",
      "openFindings": 2,
      "criticalFindings": 0,
      "lastFindingAt": "2025-06-09T08:54:31.000Z"
    },
    {
      "agentId": "internal-summarizer",
      "displayName": null,
      "latestCertScore": null,
      "certStatus": null,
      "openFindings": 0,
      "criticalFindings": 0,
      "lastFindingAt": null
    }
  ]
}

Response fields

count
number
required
Total number of agents returned.
agents
array
required
Array of agent objects, sorted by criticalFindings descending.

How agents are registered

Trident builds the agent inventory from two sources:
  1. Findings and certificates — any agent that has received a red-team finding, a firewall event, or a Trident certificate is automatically added to the inventory. You do not need to register agents manually.
  2. SDK initialisation — when your agent calls trident.init({ agentId: "my-agent" }) at startup, Trident registers that agent in your project. The agentId string must match the pattern [a-zA-Z0-9._-]+.
Agents running on platforms that expose public URLs as environment variables — Vercel (VERCEL_URL), Fly.io (FLY_PUBLIC_IP), Render (RENDER_EXTERNAL_URL), Railway (RAILWAY_PUBLIC_DOMAIN), and Heroku (HEROKU_APP_NAME) — are auto-registered with their public URL so the Trident scanner can reach them without any additional configuration.