Skip to content

Developers / Platform SDKs

Platform SDKs

Typed clients and integrations for the Intended platform. TypeScript, Python, and Go language SDKs. A CLI. A Connector SDK. An MCP gateway. A Kubernetes admission controller. A Terraform provider. OpenShell / NemoClaw runtime adapters. All of it follows the same governance contract.

Request platform accessAPI ReferenceOpen source alternative

Platform customers only

Platform SDKs are distributed to Intended platform customers as part of platform access. They connect to the commercial Intended runtime, which provides the Large Intent Model, Enterprise Capability Engine, cryptographic Authority Tokens, and compliance crosswalks. If you want a fully self-hosted open source option, deploy IntendedOps with native governance.

Platform SDK catalog

One governance contract, every surface that matters.

Each card below is tagged shipped, preview, or roadmap. Shipped means production-tested and used internally; preview means working but still evolving and may include shape changes; roadmap means the design is locked but the implementation lands with a design-partner deal. Be honest with yourself about which you need before you commit.

@intended/sdk

Core SDK

TypeScript / Node.js

Full-featured client for the Intended platform API. Intent submission, execution pipeline, escalation handling, audit queries, and policy management.

  • Full execution pipeline
  • Typed API responses
  • Automatic retry with backoff
  • Escalation polling
  • Audit chain queries

@intended/verify

Core SDK

TypeScript / Node.js

Lightweight Authority Token verification library. RS256 signature validation, claim checking, nonce verification. Designed for any service that consumes a token and needs to independently confirm it was authorized.

  • RS256 signature validation
  • Claim integrity checks
  • Nonce consumption tracking
  • Expiry verification
  • Required claim matching

@intended/enforce

Core SDK

TypeScript / Node.js

Enforcement SDK for decision request and enforcement flows. Request authority, handle escalations, and execute with tokens in a single workflow.

  • Decision request flow
  • Escalation wait/poll
  • Token-gated execution
  • Retry with authority
  • Webhook integration

@intended/connector-sdk

Integration

TypeScript / Node.js

Build custom execution adapters for any target system. BaseAdapter handles token verification, nonce consumption, and audit recording so you implement just execute() and testConnection().

  • BaseAdapter scaffolding
  • Automatic token verification
  • Nonce consumption handling
  • Audit recording hooks
  • Test harness for adapters

@intended/cli

Tool

CLI

Command-line interface for intent simulation, token inspection, policy deployment, audit chain verification, and evidence export. Useful for CI/CD pipelines and operator workflows.

  • Intent simulation
  • Token inspection
  • Policy deployment
  • Audit chain verification
  • Evidence export

@intended/mcp-gateway

Runtime

TypeScript / Node.js

Authority gateway for Model Context Protocol servers. Intercepts every MCP tool call, classifies it against the Open Intent Layer, evaluates policy, and only forwards authorized invocations.

  • Drop-in MCP proxy
  • Per-call authority evaluation
  • Fail-closed enforcement
  • Open Intent Layer classification
  • Audit trail per call

@intended/k8s-admission

Runtime

Kubernetes

Kubernetes admission controller that applies the Intended authority boundary to cluster mutations. Every apply, delete, and scale is classified, evaluated, and authorized or blocked.

  • ValidatingAdmissionWebhook
  • Helm chart included
  • Per-namespace policies
  • Fail-closed on API unreachable
  • Audit trail per mutation

@intended/openshell-adapter

Runtime

TypeScript / Node.js

NVIDIA OpenShell / NemoClaw integration. Compile Open Intent Layer classifications and Domain LIM signals into policy YAML for the NVIDIA agent runtime stack.

  • OpenShell policy compiler
  • Domain LIM integration
  • NemoClaw-ready output
  • Per-environment policy packs
  • CLI-accessible via @intended/cli

intended-python

Language SDK

Python

Python client for the Intended platform. Intent submission, Authority Token verification, audit queries, plus ready-made guards for LangChain, Pydantic AI, OpenAI Agents SDK, and MCP.

  • Intent submission
  • Token verification
  • LangChain integration
  • Pydantic AI integration
  • OpenAI Agents SDK integration
  • MCP middleware

intended-go

Language SDK

Go

Go client for the Intended platform. Designed for infrastructure tooling, Kubernetes operators, and Go-based automation systems. Currently in preview — see ADR-006.

  • Intent submission
  • Token verification
  • Context-aware timeouts
  • gRPC-ready types

terraform-provider-intended

Infrastructure as Code

Terraform

Terraform provider for managing Intended platform tenants, policies, connectors, and authority boundaries as code. Roadmap (ADR-008) — types scaffolded; resource implementations land with the first IaC-driven design partner.

  • Tenant management
  • Policy-as-code
  • Connector provisioning
  • Authority boundary config
  • Plan/apply integration

What the SDKs look like

Code shape, not an install guide.

The snippets below show the shape of the TypeScript SDKs so you can evaluate whether the ergonomics fit your workflow. Access is granted to platform customers.

typescript
import { IntendedSdk } from "@intended/sdk";

const sdk = new IntendedSdk({
  apiKey: process.env.INTENDED_API_KEY,
});

// Full execution pipeline
const result = await sdk.execute({
  action: "deployment.trigger",
  target: "service-payments",
  environment: "production",
  adapter: "github-actions",
});

// result.decision.outcome → "AUTHORIZED"
// result.token.jwt → "eyJhbGci..."
// result.execution.status → "executed"
// result.audit.hash → "sha256:a1b2c3..."
@intended/sdk — full execution pipeline in TypeScript.
typescript
import { IntendedEnforceClient } from "@intended/enforce";

const enforce = new IntendedEnforceClient({
  apiKey: process.env.INTENDED_API_KEY,
});

// Request authority decision
const decision = await enforce.requestDecision({
  action: "database.migrate",
  target: "service-payments",
  environment: "production",
});

if (decision.outcome === "ESCALATED") {
  // Wait for human approval
  const approved = await enforce.waitForApproval(decision.id, {
    timeout: 300_000, // 5 minutes
  });
  if (!approved) throw new Error("Approval timeout");
}

// Execute with authority
await enforce.executeWithToken(decision.token);
@intended/enforce — decision request with escalation handling.
typescript
import { verifyAuthorityToken } from "@intended/verify";

const result = await verifyAuthorityToken(token, {
  publicKey: tenantPublicKey,
  requiredClaims: {
    action: "deployment.trigger",
    target: "service-payments",
  },
});

if (!result.valid) {
  throw new Error(`Authority denied: ${result.reason}`);
}
@intended/verify — independent Authority Token verification.

Request platform access.

Platform SDKs | Intended