Mandaitor Academy
Learn verifiable authority for agentic systems from first principles.
The Mandaitor Academy is a guided learning layer for users, builders, reviewers, and decision makers. It explains why bounded authority, identity, credentials, mandates, runtime checks, evidence, and governance matter when AI agents can use tools and business systems.
The Mandaitor Academy is not a reference manual. The regular documentation tells you how to integrate the product. The Academy explains why Mandaitor exists, which identity and authorization ideas it builds on, and how those ideas apply when AI agents can act through tools, APIs, workflows, and business systems.
Mandaitor starts from a simple but demanding premise: an agent should not be trusted merely because it can authenticate or because it was instructed in a prompt. It should be able to show bounded, verifiable, auditable authority for the specific action it is about to perform. That premise connects classical access control, decentralized identity, verifiable credentials, agentic AI, runtime policy enforcement, evidence generation, and governance.
The Academy is written for learners who may have no prior background in identity systems, verifiable credentials, authorization models, agentic AI, or compliance evidence. It teaches from first principles and gradually connects those concepts to Mandaitor's platform surfaces.
Move from first principles to product confidence
The Academy is organized as a learning product: each stage builds a mental model, connects it to a Mandaitor surface, and prepares the learner for a more advanced product or governance decision.
Start with authority, not tooling
Learn why capability and access are not the same as delegated authority, especially when agents can call business tools.
- Define principal, delegate, verifier, mandate, and evidence.
- Understand why prompt instructions are not enough for sensitive actions.
Add identity and proof
Connect DIDs, credentials, claims, and trust chains to the practical problem of knowing who is acting and why proof should be accepted.
- Treat agents as identifiable subjects.
- Separate technical proof validity from business trust decisions.
Verify runtime actions
Translate authority boundaries into policy checks that happen before a tool call, API request, or workflow action executes.
- Model scopes, constraints, lifecycle states, and escalation paths.
- Use verification decisions as a control point, not as after-the-fact logging.
Review evidence and adopt the product
Use evidence packs, dashboard signals, and staged product evaluation to improve policy, support reviewers, and plan implementation.
- Read dashboard signals through their underlying evidence.
- Move from one bounded use case to a repeatable adoption route.
Choose your learning track
A full Academy should meet different learners where they are. A founder, reviewer, engineer, and compliance stakeholder should not need to read the same route in the same order. The following tracks reuse the same chapter library but give each audience a clear path.
Beginner concepts
BeginnerUnderstand why authority is different from access and why agentic systems need explicit delegation boundaries.
- Audience
- New users, founders, product evaluators
- Effort
- 45–60 min
Identity and proof
IntermediateLearn how DIDs, verifiable credentials, claims, presentations, and trust chains make authority inspectable.
- Audience
- Architects, identity teams, technical reviewers
- Effort
- 60–90 min
Authorization architecture
IntermediateConnect mandates, policies, runtime verification, MCP-style tool calls, and Proof-of-Mandate evidence.
- Audience
- Builders, platform engineers, security teams
- Effort
- 75–100 min
Review and governance
MixedUnderstand how audit events, evidence packs, dashboards, and governance controls support accountable AI operations.
- Audience
- Risk, compliance, operations, executives
- Effort
- 60–90 min
Product adoption
MixedTranslate Academy concepts into evaluation steps, implementation routes, beta expectations, product readiness decisions, and a bounded first pilot.
- Audience
- Prospects, customer teams, implementation leads
- Effort
- 60–85 min
Your Academy progress
The Academy should stay public by default because it educates the market, supports search discovery, and reduces onboarding friction. Progress tracking starts locally in the browser, while account-based sync can later connect learning state to the existing Mandaitor account model.
Your Academy progress
Progress is saved locally in this browser. The Academy remains public; signing in later can sync learning state across devices and connect it to product onboarding.
The full learning map
The learning path moves from the basic question of authority to product usage and governance review. Each chapter includes diagrams, tables, and conceptual examples directly inside the lesson, because visual explanation belongs where the concept is taught rather than in a separate media chapter.
| Track | What the learner should understand | Recommended pages |
|---|---|---|
| Beginner concepts | Why identity, authority, delegation, and evidence matter before an agent acts. | Foundations, Agentic AI from First Principles |
| Identity and proof | How DIDs, credentials, claims, trust chains, and verification decisions fit together. | Decentralized Identity and DIDs, Verifiable Credentials, Trust Chains |
| Authorization architecture | How mandates, policy enforcement, tool calls, and runtime evidence connect. | Mandate Policies, Agentic Authorization |
| Review and governance | How audit events, evidence packs, dashboard status, and risk management make agent operations accountable. | Evidence Packs, Compliance Dashboard, Governance, Risk, and Compliance |
| Product adoption | How to move from concepts to practical Mandaitor evaluation, pilot planning, and implementation. | Product Learning Path, Development Status, Capstone Pilot Workbook |
| Access boundary | How public learning stays separate from gated partner enablement and internal Mandaitor material. | Public and Partner Academy Model, Role-Based Routes, Capstone Pilot Workbook |
| Reference layer | How recurring Academy terminology maps to practical Mandaitor concepts and deeper docs. | Academy Glossary, Core Concepts, Proof-of-Mandate |
Academy versus documentation
The Academy and the documentation are complementary. The Academy explains mental models, background standards, and design trade-offs. The documentation remains the source for step-by-step integration guides, API contracts, SDK usage, identity-provider setup, and operational configuration.
| Surface | Best for | Example question |
|---|---|---|
| Academy | Building conceptual understanding before implementation. | Why is Proof-of-Mandate different from a generic API token? |
| Concepts | Reading focused explanations of Mandaitor primitives. | What is a mandate, constraint, audit event, or verification decision? |
| Guides | Implementing a concrete workflow. | How do I create a mandate and verify an action? |
| API Reference | Inspecting exact request and response fields. | Which fields does the verification endpoint expect? |
A beginner should start in the Academy. An engineer who already understands the concept should jump between Academy pages and implementation guides. A reviewer or compliance stakeholder should begin with evidence, dashboard, and governance chapters before moving into product surfaces.
How Mandaitor fits into the broader technology landscape
Mandaitor does not invent the whole identity or AI-governance universe. It builds on established and emerging ideas. The W3C Verifiable Credentials Data Model defines a three-party model of issuers, holders, and verifiers for exchanging tamper-evident claims.1 W3C DID Core defines decentralized identifiers that can associate a subject with a DID document containing verification methods and services.2 The Model Context Protocol standardizes how LLM applications connect to tools and external context.3 NIST's AI Risk Management Framework frames AI risk as a socio-technical management discipline rather than a one-time technical checklist.4
Mandaitor's contribution is to bring these ideas into a practical authority layer for agentic systems. It gives teams a way to represent delegated authority, verify whether a proposed action fits that authority, and preserve evidence that can later be inspected by humans, systems, or auditors.
Suggested first reading sequence
If you are completely new, read the chapters in order. If you already know one domain, use the track cards above to skip to the path that matches your question. The strongest learning sequence is: first understand why authority is different from access, then learn how identity and credentials support verifiable proof, then study how agentic tool calls require runtime authorization, and finally learn how evidence becomes governance.