Glossary — Agentic Finance

What is a Scoped Token?

1 min read Updated

A scoped token grants an AI agent limited, time-bound spending permission — restricting amount, recipient, duration, and token type unlike unrestricted wallet access.

WHY IT MATTERS

Full wallet access is like an unlimited corporate card for an intern. A scoped token is a prepaid card with merchant restrictions — job gets done, damage is capped.

Encodes least privilege: spend up to $100 USDC, only addresses A and B, until 5pm. Anything outside is rejected.

Valuable for multi-agent systems with different financial access levels — each agent's authority matches its role.

HOW POLICYLAYER USES THIS

PolicyLayer issues scoped tokens encoding spending rules — caps, allowlists, durations — enforced on every transaction.

FREQUENTLY ASKED QUESTIONS

vs. session key?
Closely related. Session keys are cryptographic keys on smart accounts. Scoped tokens are broader — any credential encoding restrictions, whether session key, JWT, or policy reference.
When it expires?
Agent loses transaction ability. Must request a new token, potentially requiring re-authorization.
Early revocation?
Yes — issuer revokes instantly, immediately cutting spending authority. Essential for emergencies.

FURTHER READING

ENFORCE POLICIES ON EVERY TOOL CALL

Intercept is the open-source MCP proxy that enforces YAML policies on AI agent tool calls. No code changes needed.

View on GitHub