Skip to main content

Academy Glossary

Academy reference

Glossary for verifiable authority in agentic systems.

Use this page as a companion reference while moving through the Academy. It translates the recurring Mandaitor, identity, authorization, evidence, and governance terms into practical language for learners, reviewers, and builders.

The Academy introduces ideas from identity standards, verifiable credentials, runtime authorization, protocol-based tool use, and AI risk management. The W3C DID Core specification defines decentralized identifiers as URI-based identifiers whose associated DID documents can express verification methods and services.1 The W3C Verifiable Credentials Data Model describes a model for tamper-evident claims exchanged between issuers, holders, and verifiers.2 The Model Context Protocol provides a common way for applications to connect language models to external tools and context, which makes explicit authorization boundaries increasingly important.3 NIST's AI Risk Management Framework frames AI governance as a socio-technical risk discipline rather than a purely technical checklist.4

This glossary keeps those background ideas close to Mandaitor's product vocabulary. It is intentionally shorter than an API reference: each entry explains what the term means, why it appears in the Academy, and where to go next for deeper reading.

Use caseHow to use the glossary
First-time learnerKeep this page open while reading the beginner and identity lessons, especially when terms such as mandate, delegate, verifier, and credential appear together.
Builder or architectUse the runtime and evidence entries to align mental models before reading implementation guides for mandate creation, verification, and agent registry integration.
Reviewer or governance stakeholderUse the evidence and governance entries to connect dashboard signals, evidence packs, audit events, and escalation paths to real control objectives.
Authority and delegation

Authority and delegation

Authority

Read more

The bounded right to perform an action on behalf of another party. In Mandaitor, authority should be explicit, inspectable, and limited to a defined action context.

Academy use
Authority is the central question behind the Academy: can an agent prove it is allowed to act before it uses a tool or business system?
Related terms
Mandate, Principal, Delegate, Scope

Mandate

Read more

A digital, verifiable record of delegated authority. It connects who grants authority, who receives it, what action is allowed, and which constraints apply.

Academy use
Mandates are the Academy's main object for turning informal permission into a runtime-verifiable authority boundary.
Related terms
Principal, Delegate, Scope, Constraints, Proof-of-Mandate

Principal

Read more

The person, organization, service, or legal entity that owns the authority and grants it to another actor.

Academy use
The principal is the source of delegation. A mandate has no business meaning unless the principal is understood and trusted.
Related terms
Delegate, Subject, Mandate

Delegate

Read more

The actor that receives authority from the principal. In agentic systems this is often an AI agent, service account, workflow, or automation layer.

Academy use
The delegate is the actor whose action must be checked before execution, especially when it can call tools, APIs, or operational systems.
Related terms
Principal, Agent, Mandate

Scope

Read more

The exact action and resource boundary of a mandate. Scope answers what the delegate may do and where that permission applies.

Academy use
Scope keeps authorization narrow enough for runtime verification and later review instead of relying on broad platform access.
Related terms
Action, Resource, Taxonomy, Constraints

Constraints

Read more

Additional limits that control when and how a mandate is valid, such as time windows, financial limits, rate limits, approval rules, or escalation thresholds.

Academy use
Constraints explain why a credential or mandate may be technically valid but still not acceptable for a specific runtime action.
Related terms
Scope, Lifecycle state, Human escalation

Taxonomy

Read more

A structured vocabulary for domain-specific actions and resources. It gives mandate scopes a shared language instead of free-form permission text.

Academy use
Taxonomies help teams define reusable action names, resource patterns, and policy boundaries for a specific industry or workflow.
Related terms
Scope, Action, Resource
Identity and proof

Identity and proof

Decentralized Identifier (DID)

Read more

A standards-based identifier that can be associated with verification material without depending on a single centralized identity provider.

Academy use
DIDs help the Academy explain how an agent, organization, or service can have a stable identity that can be resolved and verified.
Related terms
DID document, Verification method, Subject

DID document

Read more

The document associated with a DID. It commonly contains verification methods, service endpoints, and metadata needed to interact with or verify the DID subject.

Academy use
The DID document bridges an identifier and the verification material needed to decide whether a signature or credential should be accepted.
Related terms
DID, Verification method, Trust chain

Verifiable Credential

Read more

A tamper-evident digital statement made by an issuer about a subject. A verifier can check the credential's integrity and issuer context.

Academy use
Verifiable credentials explain how claims about mandates, authority, identity, or status can become portable proof artifacts.
Related terms
Issuer, Holder, Verifier, Claim, Presentation

Claim

Read more

A specific statement inside a credential, such as an agent identity, allowed action, mandate identifier, status, or issuance timestamp.

Academy use
Claims are the data points reviewers and systems inspect when deciding whether a proof says what it appears to say.
Related terms
Credential, Presentation, Selective disclosure

Presentation

Read more

A package of credential material shown to a verifier. A presentation may reveal all claims or only selected claims depending on the disclosure model.

Academy use
Presentations connect credential theory to the practical question of what proof a reviewer, partner, or system receives.
Related terms
Credential, Verifier, Selective disclosure

Trust chain

Read more

The sequence of issuers, keys, registries, policies, and business decisions that explain why a verifier should accept a proof.

Academy use
Trust chains help learners separate cryptographic validity from the broader decision that a proof is appropriate for a business context.
Related terms
Issuer, Verifier, DID document, Credential status
Runtime authorization and evidence

Runtime authorization and evidence

Runtime verification

Read more

The act of checking a proposed action at the moment an agent or service wants to perform it, rather than only reviewing permissions beforehand or logs afterward.

Academy use
Runtime verification is the control point where mandate scope, constraints, lifecycle state, and request context are evaluated before execution.
Related terms
Verification decision, Mandate, Constraints

Verification decision

Read more

The result of a runtime authorization check, such as allowing, denying, or requiring escalation for a proposed action.

Academy use
Verification decisions teach learners that authorization should produce a reasoned outcome, not merely a silent technical pass or failure.
Related terms
Runtime verification, Reason code, Evidence pack

Proof-of-Mandate

Read more

A cryptographically secured evidence artifact showing that a specific action was authorized by a valid mandate at a specific time.

Academy use
Proof-of-Mandate is the bridge between runtime authorization and later auditability, because it preserves why a specific action was allowed.
Related terms
Mandate, Verifiable Credential, Audit event, Evidence pack

Audit event

Read more

A recorded event that captures something important in the mandate or verification lifecycle, such as creation, status change, verification, denial, or evidence generation.

Academy use
Audit events are the raw timeline that evidence packs, dashboards, and governance reviews rely on.
Related terms
Audit trail, Evidence pack, Compliance dashboard

Evidence pack

Read more

A review package that organizes proofs, audit events, decisions, reason codes, and context so a human or downstream system can understand what happened.

Academy use
Evidence packs turn runtime authorization into reviewable operational evidence for security, compliance, customer support, and dispute resolution.
Related terms
Proof-of-Mandate, Audit event, Compliance dashboard

Selective disclosure

Read more

A proof pattern where only selected claims are revealed while hidden claims remain protected without breaking verification.

Academy use
Selective disclosure helps explain how Mandaitor can support auditability while reducing unnecessary exposure of sensitive identifiers or tenant data.
Related terms
Presentation, Credential, Proof-of-Mandate
Governance and adoption

Governance and adoption

Compliance dashboard

Read more

A product surface that summarizes mandate status, verification outcomes, evidence availability, and review signals for teams responsible for oversight.

Academy use
The dashboard lesson teaches that summarized status must always connect back to proof, reason codes, and underlying evidence.
Related terms
Evidence pack, Audit event, Governance control

Governance control

Read more

A policy, procedure, system check, reviewer action, or escalation path that reduces operational, security, legal, or compliance risk.

Academy use
Governance controls connect Mandaitor's technical evidence to risk owners who need accountable decisions, not just logs.
Related terms
Human escalation, Evidence pack, AI risk

Human escalation

Read more

A control path where a request is paused, routed, or reviewed by a person because policy, risk, confidence, or business context requires human judgment.

Academy use
Human escalation reminds learners that verifiable automation should support accountable operations rather than remove all human responsibility.
Related terms
Constraints, Governance control, Verification decision

Lifecycle state

Read more

The current status of a mandate or proof-relevant object, such as active, pending approval, suspended, revoked, or expired.

Academy use
Lifecycle state matters because an otherwise well-formed mandate should not authorize action when it is no longer active for that context.
Related terms
Mandate, Constraints, Compliance dashboard

Product adoption path

Read more

A staged route for moving from conceptual understanding to a bounded Mandaitor evaluation, integration plan, operational review, and broader rollout decision.

Academy use
The adoption path helps prospects and implementation teams turn Academy concepts into a concrete first use case and evaluation checklist.
Related terms
Development status, Governance control, Evidence pack

How this glossary relates to the rest of the docs

The glossary is a learning aid, not a substitute for implementation guidance. When you need step-by-step product instructions, move from the term to the corresponding concept page, guide, or API reference. When you need business interpretation, move from the term back into the Academy lesson that teaches the decision context.

References