This project is not covered by Drupal’s security advisory policy.

Acquia AI authenticates AI agent requests to a Drupal site using JWT tokens
issued by Acquia ID, Acquia's OAuth 2.0 identity
provider. It validates incoming bearer tokens against Acquia ID's published
JWKS endpoint, resolves authenticated agent sessions, and enforces a
configurable set of Drupal permissions for those sessions.

This module is a connector — it contains no embedded AI logic. It acts as the
authentication and authorization bridge between an external AI agent and your
Drupal site's APIs.

Configuration

Navigate to Administration > Configuration > Web services > Acquia AI
(/admin/config/services/acquia-ai).

Agent UID

The numeric Drupal user ID that authenticated agent sessions are mapped to.
Content created or modified by the agent is attributed to this account. Leaving
this at `0` creates an ephemeral session with no Drupal user record attached.

Agent permissions

A list of Drupal permissions granted to authenticated agent sessions. Only
tokens that carry the acquia-ai-agent OAuth scope receive these permissions.
All other users are unaffected.

Supporting organizations: 
Development and maintainence

Project information

Releases