Index
A2AService(interface)APIKeySecurityScheme(message)AgentCapabilities(message)AgentCard(message)AgentCardSignature(message)AgentExtension(message)AgentInterface(message)AgentProvider(message)AgentSkill(message)Artifact(message)AuthenticationInfo(message)AuthorizationCodeOAuthFlow(message)CancelTaskRequest(message)ClientCredentialsOAuthFlow(message)CreateTaskPushNotificationConfigRequest(message)DataPart(message)DeleteTaskPushNotificationConfigRequest(message)FilePart(message)GetAgentCardRequest(message)GetTaskPushNotificationConfigRequest(message)GetTaskRequest(message)HTTPAuthSecurityScheme(message)ImplicitOAuthFlow(message)ListTaskPushNotificationConfigRequest(message)ListTaskPushNotificationConfigResponse(message)Message(message)MutualTlsSecurityScheme(message)OAuth2SecurityScheme(message)OAuthFlows(message)OpenIdConnectSecurityScheme(message)Part(message)PasswordOAuthFlow(message)PushNotificationConfig(message)Role(enum)Security(message)SecurityScheme(message)SendMessageConfiguration(message)SendMessageRequest(message)SendMessageResponse(message)StreamResponse(message)StringList(message)Task(message)TaskArtifactUpdateEvent(message)TaskPushNotificationConfig(message)TaskState(enum)TaskStatus(message)TaskStatusUpdateEvent(message)TaskSubscriptionRequest(message)
A2AService
A2AService defines the gRPC version of the A2A protocol. This has a slightly different shape than the JSONRPC version to better conform to AIP-127, where appropriate. The nouns are AgentCard, Message, Task and TaskPushNotificationConfig. - Messages are not a standard resource so there is no get/delete/update/list interface, only a send and stream custom methods. - Tasks have a get interface and custom cancel and subscribe methods. - TaskPushNotificationConfig are a resource whose parent is a task. They have get, list and create methods. - AgentCard is a static resource with only a get method.
| CancelTask |
|---|
|
Cancel a task from the agent. If supported one should expect no more task updates for the task.
|
| CreateTaskPushNotificationConfig |
|---|
|
Set a push notification config for a task.
|
| DeleteTaskPushNotificationConfig |
|---|
|
Delete a push notification config for a task.
|
| GetAgentCard |
|---|
|
GetAgentCard returns the agent card for the agent.
|
| GetTask |
|---|
|
Get the current state of a task from the agent.
|
| GetTaskPushNotificationConfig |
|---|
|
Get a push notification config for a task.
|
| ListTaskPushNotificationConfig |
|---|
|
Get a list of push notifications configured for a task.
|
| SendMessage |
|---|
|
Send a message to the agent. This is a blocking call that will return the task once it is completed, or a LRO if requested.
|
| SendStreamingMessage |
|---|
|
SendStreamingMessage is a streaming call that will return a stream of task update events until the Task is in an interrupted or terminal state.
|
| TaskSubscription |
|---|
|
TaskSubscription is a streaming call that will return a stream of task update events. This attaches the stream to an existing in process task. If the task is complete the stream will return the completed task (like GetTask) and close the stream.
|
APIKeySecurityScheme
| Fields | |
|---|---|
description |
Description of this security scheme. |
location |
Location of the API key, valid values are "query", "header", or "cookie" |
name |
Name of the header, query or cookie parameter to be used. |
AgentCapabilities
Defines the A2A feature set supported by the agent
| Fields | |
|---|---|
streaming |
If the agent will support streaming responses |
push_notifications |
If the agent can send push notifications to the clients webhook |
extensions[] |
Extensions supported by this agent. |
AgentCard
AgentCard conveys key information: - Overall details (version, name, description, uses) - Skills; a set of actions/solutions the agent can perform - Default modalities/content types supported by the agent. - Authentication requirements Next ID: 19
| Fields | |
|---|---|
protocol_version |
The version of the A2A protocol this agent supports. |
name |
A human readable name for the agent. Example: "Recipe Agent" |
description |
A description of the agent's domain of action/solution space. Example: "Agent that helps users with recipes and cooking." |
url |
A URL to the address the agent is hosted at. This represents the preferred endpoint as declared by the agent. |
preferred_transport |
The transport of the preferred endpoint. If empty, defaults to JSONRPC. |
additional_interfaces[] |
Announcement of additional supported transports. Client can use any of the supported transports. |
provider |
The service provider of the agent. |
version |
The version of the agent. Example: "1.0.0" |
documentation_url |
A url to provide additional documentation about the agent. |
capabilities |
A2A Capability set supported by the agent. |
security_schemes |
The security scheme details used for authenticating with this agent. |
security[] |
protolint:disable REPEATED_FIELD_NAMES_PLURALIZED Security requirements for contacting the agent. This list can be seen as an OR of ANDs. Each object in the list describes one possible set of security requirements that must be present on a request. This allows specifying, for example, "callers must either use OAuth OR an API Key AND mTLS." Example: security { schemes { key: "oauth" value { list: ["read"] } } } security { schemes { key: "api-key" } schemes { key: "mtls" } } |
default_input_modes[] |
protolint:enable REPEATED_FIELD_NAMES_PLURALIZED The set of interaction modes that the agent supports across all skills. This can be overridden per skill. Defined as mime types. |
default_output_modes[] |
The mime types supported as outputs from this agent. |
skills[] |
Skills represent a unit of ability an agent can perform. This may somewhat abstract but represents a more focused set of actions that the agent is highly likely to succeed at. |
supports_authenticated_extended_card |
Whether the agent supports providing an extended agent card when the user is authenticated, i.e. is the card from .well-known different than the card from GetAgentCard. |
signatures[] |
JSON Web Signatures computed for this AgentCard. |
icon_url |
An optional URL to an icon for the agent. |
AgentCardSignature
AgentCardSignature represents a JWS signature of an AgentCard. This follows the JSON format of an RFC 7515 JSON Web Signature (JWS).
| Fields | |
|---|---|
protected |
Required. The protected JWS header for the signature. This is always a base64url-encoded JSON object. Required. |
signature |
Required. The computed signature, base64url-encoded. Required. |
header |
The unprotected JWS header values. |
AgentExtension
A declaration of an extension supported by an Agent.
| Fields | |
|---|---|
uri |
The URI of the extension. Example: "https://developers.google.com/identity/protocols/oauth2" |
description |
A description of how this agent uses this extension. Example: "Google OAuth 2.0 authentication" |
required |
Whether the client must follow specific requirements of the extension. Example: false |
params |
Optional configuration for the extension. |
AgentInterface
Defines additional transport information for the agent.
| Fields | |
|---|---|
url |
The url this interface is found at. |
transport |
The transport supported this url. This is an open form string, to be easily extended for many transport protocols. The core ones officially supported are JSONRPC, GRPC and HTTP+JSON. |
tenant |
Tenant to be set in the request when calling the agent. Experimental, might still change for 1.0 release. |
AgentProvider
Represents information about the service provider of an agent.
| Fields | |
|---|---|
url |
The providers reference url Example: "https://ai.google.dev" |
organization |
The providers organization name Example: "Google" |
AgentSkill
AgentSkill represents a unit of action/solution that the agent can perform. One can think of this as a type of highly reliable solution that an agent can be tasked to provide. Agents have the autonomy to choose how and when to use specific skills, but clients should have confidence that if the skill is defined that unit of action can be reliably performed.
| Fields | |
|---|---|
id |
Unique identifier of the skill within this agent. |
name |
A human readable name for the skill. |
description |
A human (or llm) readable description of the skill details and behaviors. |
tags[] |
A set of tags for the skill to enhance categorization/utilization. Example: ["cooking", "customer support", "billing"] |
examples[] |
A set of example queries that this skill is designed to address. These examples should help the caller to understand how to craft requests to the agent to achieve specific goals. Example: ["I need a recipe for bread"] |
input_modes[] |
Possible input modalities supported. |
output_modes[] |
Possible output modalities produced |
security[] |
protolint:disable REPEATED_FIELD_NAMES_PLURALIZED Security schemes necessary for the agent to leverage this skill. As in the overall AgentCard.security, this list represents a logical OR of security requirement objects. Each object is a set of security schemes that must be used together (a logical AND). protolint:enable REPEATED_FIELD_NAMES_PLURALIZED |
Artifact
Artifacts are the container for task completed results. These are similar to Messages but are intended to be the product of a task, as opposed to point-to-point communication.
| Fields | |
|---|---|
artifact_id |
Unique identifier (e.g. UUID) for the artifact. It must be at least unique within a task. |
name |
A human readable name for the artifact. |
description |
A human readable description of the artifact, optional. |
parts[] |
The content of the artifact. |
metadata |
Optional metadata included with the artifact. |
extensions[] |
The URIs of extensions that are present or contributed to this Artifact. |
AuthenticationInfo
Defines authentication details, used for push notifications.
| Fields | |
|---|---|
schemes[] |
Supported authentication schemes - e.g. Basic, Bearer, etc |
credentials |
Optional credentials |
AuthorizationCodeOAuthFlow
| Fields | |
|---|---|
authorization_url |
The authorization URL to be used for this flow. This MUST be in the form of a URL. The OAuth2 standard requires the use of TLS |
token_url |
The token URL to be used for this flow. This MUST be in the form of a URL. The OAuth2 standard requires the use of TLS. |
refresh_url |
The URL to be used for obtaining refresh tokens. This MUST be in the form of a URL. The OAuth2 standard requires the use of TLS. |
scopes |
The available scopes for the OAuth2 security scheme. A map between the scope name and a short description for it. The map MAY be empty. |
CancelTaskRequest
| Fields | |
|---|---|
tenant |
Optional tenant, provided as a path parameter. Experimental, might still change for 1.0 release. |
name |
The resource name of the task to cancel. Format: tasks/{task_id} |
ClientCredentialsOAuthFlow
| Fields | |
|---|---|
token_url |
The token URL to be used for this flow. This MUST be in the form of a URL. The OAuth2 standard requires the use of TLS. |
refresh_url |
The URL to be used for obtaining refresh tokens. This MUST be in the form of a URL. The OAuth2 standard requires the use of TLS. |
scopes |
The available scopes for the OAuth2 security scheme. A map between the scope name and a short description for it. The map MAY be empty. |
CreateTaskPushNotificationConfigRequest
| Fields | |
|---|---|
tenant |
Optional tenant, provided as a path parameter. Experimental, might still change for 1.0 release. |
parent |
Required. The parent task resource for this config. Format: tasks/{task_id} |
config_id |
Required. The ID for the new config. |
config |
Required. The configuration to create. |
DataPart
DataPart represents a structured blob. This is most commonly a JSON payload.
| Fields | |
|---|---|
data |
|
DeleteTaskPushNotificationConfigRequest
| Fields | |
|---|---|
tenant |
Optional tenant, provided as a path parameter. Experimental, might still change for 1.0 release. |
name |
The resource name of the config to delete. Format: tasks/{task_id}/pushNotificationConfigs/{config_id} |
FilePart
FilePart represents the different ways files can be provided. If files are small, directly feeding the bytes is supported via file_with_bytes. If the file is large, the agent should read the content as appropriate directly from the file_with_uri source.
| Fields | |
|---|---|
mime_type |
|
name |
|
Union field
|
|
file_with_uri |
|
file_with_bytes |
|
GetAgentCardRequest
| Fields | |
|---|---|
tenant |
Optional tenant, provided as a path parameter. Experimental, might still change for 1.0 release. |
GetTaskPushNotificationConfigRequest
| Fields | |
|---|---|
tenant |
Optional tenant, provided as a path parameter. Experimental, might still change for 1.0 release. |
name |
The resource name of the config to retrieve. Format: tasks/{task_id}/pushNotificationConfigs/{config_id} |
GetTaskRequest
| Fields | |
|---|---|
tenant |
Optional tenant, provided as a path parameter. Experimental, might still change for 1.0 release. |
name |
Required. The resource name of the task. Format: tasks/{task_id} |
history_length |
The number of most recent messages from the task's history to retrieve. |
HTTPAuthSecurityScheme
| Fields | |
|---|---|
description |
Description of this security scheme. |
scheme |
The name of the HTTP Authentication scheme to be used in the Authorization header as defined in RFC7235. The values used SHOULD be registered in the IANA Authentication Scheme registry. The value is case-insensitive, as defined in RFC7235. |
bearer_format |
A hint to the client to identify how the bearer token is formatted. Bearer tokens are usually generated by an authorization server, so this information is primarily for documentation purposes. |
ImplicitOAuthFlow
| Fields | |
|---|---|
authorization_url |
The authorization URL to be used for this flow. This MUST be in the form of a URL. The OAuth2 standard requires the use of TLS |
refresh_url |
The URL to be used for obtaining refresh tokens. This MUST be in the form of a URL. The OAuth2 standard requires the use of TLS. |
scopes |
The available scopes for the OAuth2 security scheme. A map between the scope name and a short description for it. The map MAY be empty. |
ListTaskPushNotificationConfigRequest
| Fields | |
|---|---|
tenant |
Optional tenant, provided as a path parameter. Experimental, might still change for 1.0 release. |
parent |
The parent task resource. Format: tasks/{task_id} |
page_size |
For AIP-158 these fields are present. Usually not used/needed. The maximum number of configurations to return. If unspecified, all configs will be returned. |
page_token |
A page token received from a previous ListTaskPushNotificationConfigRequest call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to |
ListTaskPushNotificationConfigResponse
| Fields | |
|---|---|
configs[] |
The list of push notification configurations. |
next_page_token |
A token, which can be sent as |
Message
Message is one unit of communication between client and server. It is associated with a context and optionally a task. Since the server is responsible for the context definition, it must always provide a context_id in its messages. The client can optionally provide the context_id if it knows the context to associate the message to. Similarly for task_id, except the server decides if a task is created and whether to include the task_id.
| Fields | |
|---|---|
message_id |
The unique identifier (e.g. UUID)of the message. This is required and created by the message creator. |
context_id |
The context id of the message. This is optional and if set, the message will be associated with the given context. |
task_id |
The task id of the message. This is optional and if set, the message will be associated with the given task. |
role |
A role for the message. |
content[] |
protolint:disable REPEATED_FIELD_NAMES_PLURALIZED Content is the container of the message content. |
metadata |
protolint:enable REPEATED_FIELD_NAMES_PLURALIZED Any optional metadata to provide along with the message. |
extensions[] |
The URIs of extensions that are present or contributed to this Message. |
MutualTlsSecurityScheme
| Fields | |
|---|---|
description |
Description of this security scheme. |
OAuth2SecurityScheme
| Fields | |
|---|---|
description |
Description of this security scheme. |
flows |
An object containing configuration information for the flow types supported |
oauth2_metadata_url |
URL to the oauth2 authorization server metadata RFC8414. TLS is required. |
OAuthFlows
| Fields | |
|---|---|
Union field
|
|
authorization_code |
|
client_credentials |
|
implicit |
|
password |
|
OpenIdConnectSecurityScheme
| Fields | |
|---|---|
description |
Description of this security scheme. |
open_id_connect_url |
Well-known URL to discover the [[OpenID-Connect-Discovery]] provider metadata. |
Part
Part represents a container for a section of communication content. Parts can be purely textual, some sort of file (image, video, etc) or a structured data blob (i.e. JSON).
| Fields | |
|---|---|
metadata |
Optional metadata associated with this part. |
Union field
|
|
text |
|
file |
|
data |
|
PasswordOAuthFlow
| Fields | |
|---|---|
token_url |
The token URL to be used for this flow. This MUST be in the form of a URL. The OAuth2 standard requires the use of TLS. |
refresh_url |
The URL to be used for obtaining refresh tokens. This MUST be in the form of a URL. The OAuth2 standard requires the use of TLS. |
scopes |
The available scopes for the OAuth2 security scheme. A map between the scope name and a short description for it. The map MAY be empty. |
PushNotificationConfig
Configuration for setting up push notifications for task updates.
| Fields | |
|---|---|
id |
A unique identifier (e.g. UUID) for this push notification. |
url |
Url to send the notification too |
token |
Token unique for this task/session |
authentication |
Information about the authentication to sent with the notification |
Role
| Enums | |
|---|---|
ROLE_UNSPECIFIED |
|
ROLE_USER |
USER role refers to communication from the client to the server. |
ROLE_AGENT |
AGENT role refers to communication from the server to the client. |
Security
| Fields | |
|---|---|
schemes |
|
SecurityScheme
| Fields | |
|---|---|
Union field
|
|
api_key_security_scheme |
|
http_auth_security_scheme |
|
oauth2_security_scheme |
|
open_id_connect_security_scheme |
|
mtls_security_scheme |
|
SendMessageConfiguration
Configuration of a send message request.
| Fields | |
|---|---|
accepted_output_modes[] |
The output modes that the agent is expected to respond with. |
push_notification |
A configuration of a webhook that can be used to receive updates |
history_length |
The maximum number of messages to include in the history. if 0, the history will be unlimited. |
blocking |
If true, the message will be blocking until the task is completed. If false, the message will be non-blocking and the task will be returned immediately. It is the caller's responsibility to check for any task updates. |
SendMessageRequest
/////////// Request Messages ///////////
| Fields | |
|---|---|
tenant |
Optional tenant, provided as a path parameter. Experimental, might still change for 1.0 release. |
request |
Required. The message to send to the agent. |
configuration |
Configuration for the send request. |
metadata |
Optional metadata for the request. |
SendMessageResponse
////// Response Messages ///////////
| Fields | |
|---|---|
Union field
|
|
task |
|
msg |
|
StreamResponse
The stream response for a message. The stream should be one of the following sequences: If the response is a message, the stream should contain one, and only one, message and then close If the response is a task lifecycle, the first response should be a Task object followed by zero or more TaskStatusUpdateEvents and TaskArtifactUpdateEvents. The stream should complete when the Task if in an interrupted or terminal state. A stream that ends before these conditions are met are
| Fields | |
|---|---|
Union field
|
|
task |
|
msg |
|
status_update |
|
artifact_update |
|
StringList
protolint:disable REPEATED_FIELD_NAMES_PLURALIZED
| Fields | |
|---|---|
list[] |
|
Task
Task is the core unit of action for A2A. It has a current status and when results are created for the task they are stored in the artifact. If there are multiple turns for a task, these are stored in history.
| Fields | |
|---|---|
id |
Unique identifier (e.g. UUID) for the task, generated by the server for a new task. |
context_id |
Unique identifier (e.g. UUID) for the contextual collection of interactions (tasks and messages). Created by the A2A server. |
status |
The current status of a Task, including state and a message. |
artifacts[] |
A set of output artifacts for a Task. |
history[] |
protolint:disable REPEATED_FIELD_NAMES_PLURALIZED The history of interactions from a task. |
metadata |
protolint:enable REPEATED_FIELD_NAMES_PLURALIZED A key/value object to store custom metadata about a task. |
TaskArtifactUpdateEvent
TaskArtifactUpdateEvent represents a task delta where an artifact has been generated.
| Fields | |
|---|---|
task_id |
The id of the task for this artifact |
context_id |
The id of the context that this task belongs too |
artifact |
The artifact itself |
append |
Whether this should be appended to a prior one produced |
last_chunk |
Whether this represents the last part of an artifact |
metadata |
Optional metadata associated with the artifact update. |
TaskPushNotificationConfig
| Fields | |
|---|---|
name |
The resource name of the config. Format: tasks/{task_id}/pushNotificationConfigs/{config_id} |
push_notification_config |
The push notification configuration details. |
TaskState
The set of states a Task can be in.
| Enums | |
|---|---|
TASK_STATE_UNSPECIFIED |
|
TASK_STATE_SUBMITTED |
Represents the status that acknowledges a task is created |
TASK_STATE_WORKING |
Represents the status that a task is actively being processed |
TASK_STATE_COMPLETED |
Represents the status a task is finished. This is a terminal state |
TASK_STATE_FAILED |
Represents the status a task is done but failed. This is a terminal state |
TASK_STATE_CANCELLED |
Represents the status a task was cancelled before it finished. This is a terminal state. |
TASK_STATE_INPUT_REQUIRED |
Represents the status that the task requires information to complete. This is an interrupted state. |
TASK_STATE_REJECTED |
Represents the status that the agent has decided to not perform the task. This may be done during initial task creation or later once an agent has determined it can't or won't proceed. This is a terminal state. |
TASK_STATE_AUTH_REQUIRED |
Represents the state that some authentication is needed from the upstream client. Authentication is expected to come out-of-band thus this is not an interrupted or terminal state. |
TaskStatus
A container for the status of a task
| Fields | |
|---|---|
state |
The current state of this task |
update |
A message associated with the status. |
timestamp |
Timestamp when the status was recorded. Example: "2023-10-27T10:00:00Z" |
TaskStatusUpdateEvent
TaskStatusUpdateEvent is a delta even on a task indicating that a task has changed.
| Fields | |
|---|---|
task_id |
The id of the task that is changed |
context_id |
The id of the context that the task belongs to |
status |
The new status of the task. |
final |
Whether this is the last status update expected for this task. |
metadata |
Optional metadata to associate with the task update. |
TaskSubscriptionRequest
| Fields | |
|---|---|
tenant |
Optional tenant, provided as a path parameter. Experimental, might still change for 1.0 release. |
name |
The resource name of the task to subscribe to. Format: tasks/{task_id} |