UAI-1 is the current public message standard for structured AI-to-AI communication.
UAIX shield mark Public interoperability charter UAIX.org Universal Artificial Intelligence Exchange Public standards publication
Current UAI-1
  • Current version UAI-1
  • Plain-English definition Open message format for auditable AI-to-AI exchange
  • Current attribution Michael Joseph Kappel, MCP
  • Start here Get Started, Project Handoff, UAI-1, validator, roadmap, and changelog

Guides

Chatbot Access

Public UAIX access model for URL-only chatbots, Minimal Access, GET-Action fallback boundaries, progressive escalation, and advanced agent handoff support.

  • Record UAIX-DOC-2720
  • Path /en-us/guides/chatbot-access/
  • Use Canonical public record

Document status

Public standards page Published on UAIX as part of the current public standards record
Code
UAIX-DOC-2720
Surface
Guides
Access
Public and linkable

How to use this page

Use this guide to route URL-only chatbots through the public read-only floor, bounded GET-Action fallback rules, and higher-capability escalation without implying write permission.

Chatbot Access defines the public floor for agents that can only fetch URLs and read small records. It keeps low-capability clients useful without letting them infer permissions they do not have.

Access model

  • Minimal Access Tier: public-safe read-only GET requests with no body, no auth, no custom headers, and a two-field response.
  • GET-Action Pattern: bounded fallback for simple idempotent actions when POST is unavailable to an L0/L1 client.
  • Advanced Agent Support: schema-aware, POST-first, consent-bound, evidence-bearing behavior for capable clients.

Safe reading order

  1. /agent-start/ for the public entry point.
  2. /ai-summary/ for a compact site summary.
  3. /claim-boundary-faq/ for support and non-claim boundaries.
  4. /ecosystem-overlay/ for related layers without treating them as UAIX authority.

What chatbots should do

  • Prefer the lowest capability tier that answers the request.
  • Cite the public URL returned by Minimal Access and stop when action is not supported.
  • Never invent authentication, private context, hidden POST bodies, custom headers, or write authority.
  • Escalate to a human or a higher-capability agent when code 428, consent, POST JSON, or verification is required.

Route family

Boundary

Agent runtimes execute. UAIX records the reviewed communication, memory, trust, evidence, and handoff boundary.

  • Minimal Access is read-only, public-safe, GET-only, URL-only, and must not mutate state.
  • GET-Action is a separate bounded fallback for bounded actions and must not be treated as a replacement for POST JSON APIs.
  • UAIX does not certify runtime safety, truth, consciousness, authorization, medical suitability, or production readiness.

Machine-readable companions

Agent Communication Operating Model

Agent runtimes execute. UAIX records the reviewed communication, memory, trust, evidence, and handoff boundary.

Use Agent Communication Operating Model when a human operator, coding agent, AI agent, or runtime implementer needs portable identity, intent, context, acknowledgement, status, blocker, memory proposal, validation evidence, correction, final report, or handoff records. The matching machine-readable assets are published through Schemas, Registry, Examples, and the Validator.

  • UAIX does not provide automatic sync, hosted messaging, runtime orchestration, official adapters, repository write execution, certification authority, or hosted import mechanisms.
  • Carcinus.org is a separate runtime/orchestrator example that may consume UAIX records. UAIX.org does not implement Carcinus runtime behavior and does not execute Carcinus workflows.
  • LocalEndPoint and other runtimes may consume the published UAIX records as external consumers; UAIX.org does not implement their project-specific runtime features.
  • Durable memory proposals stay separate from task execution records. Do not promote temporary endpoint statuses, session tokens, write tokens, beta platform instructions, local error traces, private keys, or API credentials.