// GLOSSARY -- AGENTIC FINANCE

What is a Scoped Token?

1 min read Updated

A scoped token grants an AI agent limited, time-bound spending permission — restricting amount, recipient, duration, and token type unlike unrestricted wallet access.

WHY IT MATTERS

Full wallet access is like an unlimited corporate card for an intern. A scoped token is a prepaid card with merchant restrictions — job gets done, damage is capped.

Encodes least privilege: spend up to $100 USDC, only addresses A and B, until 5pm. Anything outside is rejected.

Valuable for multi-agent systems with different financial access levels — each agent's authority matches its role.

HOW POLICYLAYER USES THIS

PolicyLayer issues scoped tokens encoding spending rules — caps, allowlists, durations — enforced on every transaction.

FREQUENTLY ASKED QUESTIONS

vs. session key?
Closely related. Session keys are cryptographic keys on smart accounts. Scoped tokens are broader — any credential encoding restrictions, whether session key, JWT, or policy reference.
When it expires?
Agent loses transaction ability. Must request a new token, potentially requiring re-authorization.
Early revocation?
Yes — issuer revokes instantly, immediately cutting spending authority. Essential for emergencies.

FURTHER READING

Enforce policies on every tool call

Intercept is the open-source MCP proxy that enforces YAML policies on AI agent tool calls. No code changes needed.

npx -y @policylayer/intercept
github.com/policylayer/intercept →
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.