A2WF Logo Public Draft v1.0

The Agent-to-Web Framework

A practical framework for websites to publish permissions, policies, and interaction rules for AI agents.

W3C Update: A2WF is now live as a W3C Community Group.

Join the group
🔄 Convert Your Website Read the Specification View on GitHub

Why A2WF?

AI agents are coming. Who controls what they do on YOUR website?

A2WF helps website operators declare what AI agents may do on their websites — and what they must not do. Machine-readable. Practical. Policy-first.

🚫

No Granular Control

robots.txt only offers binary allow/disallow for crawling. It knows nothing about AI agent actions like booking, purchasing, or data extraction.

⚖️

Legal Uncertainty

The EU AI Act takes effect August 2026. Website operators need machine-readable compliance mechanisms. No such mechanism exists today.

🤖

No Agent Identification

No standard requires AI agents to identify themselves before interacting. You can't distinguish a helpful assistant from a data scraper.

A2WF gives you the middle ground.

Define exactly what AI agents can do on your website — and what they can't.

🛡️

Define Policies

Go beyond robots.txt. Set granular permissions for reading, actions, and data access — per agent, per section.

🔑

Control Access

Rate limits, authentication requirements, human-in-the-loop verification. Your website, your rules.

🔗

Works With Everything

Complements MCP, A2A, OpenAI Plugins, and custom frameworks. One policy file, universal compatibility.

One file. Complete control.

Place a siteai.json file on your web server. AI agents read it before interacting — just like robots.txt, but with the granularity the AI era demands.

Get Started → 
{
  "@context": "https://schema.org",
  "specVersion": "1.0",
  "identity": {
    "@type": "WebSite",
    "name": "Example Store",
    "description": "Online retail",
    "inLanguage": "en",
    "category": "e-commerce"
  },
  "permissions": {
    "read": {
      "productCatalog": { "allowed": true },
      "pricing": { "allowed": true }
    },
    "action": {
      "search": { "allowed": true },
      "checkout": {
        "allowed": true,
        "humanVerification": true
      },
      "submitReview": { "allowed": false }
    },
    "data": {
      "customerRecords": { "allowed": false },
      "paymentInfo": { "allowed": false }
    }
  },
  "scraping": {
    "trainingDataUsage": false
  }
}

robots.txt was built for crawlers, not agents.

Modern AI agents don't just crawl — they interact. A2WF is the governance layer.

robots.txt: Binary Allow/Deny

Can only say "crawl this" or "don't crawl this". No concept of actions, authentication, or rate limits.

A2WF: Granular Permissions

Define what agents can read, what actions they can take, what data they can access, and under what conditions.

robots.txt: No Identity

Websites can't describe themselves in a structured way that agents understand.

A2WF: Rich Metadata

Name, category, language, contact, business hours — everything an agent needs to interact intelligently.

Ready to Define Your siteai.json?

Join the growing community of website operators taking control of AI agent interactions.

Read the Docs Star on GitHub ⭐