UAI-1 is the current public message standard for structured AI-to-AI communication.
UAIX shield mark Public interoperability charter UAIX.org Universal Artificial Intelligence Exchange Public standards publication
Current UAI-1
  • Current version UAI-1
  • Plain-English definition Open message format for auditable AI-to-AI exchange
  • Current attribution Michael Joseph Kappel, MCP
  • Start here Get Started, Project Handoff, UAI-1, validator, roadmap, and changelog

Guides

Minimal Access Tier

Read-only public GET access tier for URL-only agents: no body, no auth, no custom headers, no JavaScript dependency, and a two-field code/url response.

  • Record UAIX-DOC-2721
  • Path /en-us/guides/minimal-access-tier/
  • Use Canonical public record

Document status

Public standards page Published on UAIX as part of the current public standards record
Code
UAIX-DOC-2721
Surface
Guides
Access
Public and linkable

How to use this page

Use this guide for the strict Minimal Access contract: public GET only, no body, no auth, no custom headers, no JavaScript, no mutation, and only code/url in the minimal response.

Minimal Access Tier is the public-safe chatbot floor. It exists for clients that can only fetch a URL and read a tiny JSON response.

Request contract

  • Method: GET only.
  • Request body: none.
  • Authentication: none.
  • Custom headers: none.
  • Client-side JavaScript: not required.
  • State change: never.

Minimal response example

Code example
{ "code": 200, "url": "https://example.org/agent-start/" }
Transfer formatOptimized (Keyless) JSON
Code example
[]

Field order follows the keyed JSON example, the published schema order, and the public field registry.

The minimal response example has exactly two keys: code and url. Do not add status text, actions, secrets, user identifiers, tokens, or private context to this tier.

Allowed codes

Code Meaning Chatbot behavior Advanced-agent behavior
200 Resolved public entry URL. Open or cite the URL and continue reading. Resolve the linked public record and continue capability negotiation.
202 Accepted as public review material, no action yet. Read the URL and stop before action. Create a review or blocker record before writes.
303 See another public URL. Follow the URL only. Preserve redirect evidence and re-evaluate capability.
400 Malformed or unsupported request. Report unsupported request and stop. Prepare a corrected packet or ask a human.
403 Not public or not allowed. Do not retry with secrets. Require authorization outside Minimal Access.
410 Public entry retired. Use the returned replacement URL if present. Record deprecation and re-resolve discovery.
428 Higher capability or human review required. Stop and ask for a capable path. Escalate to POST JSON, consent, or human review.

Safe read order

  1. /agent-start/
  2. /ai-summary/
  3. /claim-boundary-faq/
  4. /ecosystem-overlay/

No-op rule

When a Minimal Access client is uncertain, it should cite the public URL and stop. It should not infer a write action, synthesize credentials, submit forms, or treat a query string as private.

Boundary

Agent runtimes execute. UAIX records the reviewed communication, memory, trust, evidence, and handoff boundary.

  • Minimal Access is read-only, public-safe, GET-only, URL-only, and must not mutate state.
  • GET-Action is a separate bounded fallback for bounded actions and must not be treated as a replacement for POST JSON APIs.
  • UAIX does not certify runtime safety, truth, consciousness, authorization, medical suitability, or production readiness.

Machine-readable companions

Agent Communication Operating Model

Agent runtimes execute. UAIX records the reviewed communication, memory, trust, evidence, and handoff boundary.

Use Agent Communication Operating Model when a human operator, coding agent, AI agent, or runtime implementer needs portable identity, intent, context, acknowledgement, status, blocker, memory proposal, validation evidence, correction, final report, or handoff records. The matching machine-readable assets are published through Schemas, Registry, Examples, and the Validator.

  • UAIX does not provide automatic sync, hosted messaging, runtime orchestration, official adapters, repository write execution, certification authority, or hosted import mechanisms.
  • Carcinus.org is a separate runtime/orchestrator example that may consume UAIX records. UAIX.org does not implement Carcinus runtime behavior and does not execute Carcinus workflows.
  • LocalEndPoint and other runtimes may consume the published UAIX records as external consumers; UAIX.org does not implement their project-specific runtime features.
  • Durable memory proposals stay separate from task execution records. Do not promote temporary endpoint statuses, session tokens, write tokens, beta platform instructions, local error traces, private keys, or API credentials.