Add OIDC/DID SSO, A2A hand-off, and pluggable memory to any LLM engine. Zero-config auth for Ollama, vLLM, and multi-agent frameworks.
pip install attach-devLLM engines such as Ollama or vLLM ship with zero auth. Agent-to-agent protocols assume a Bearer token is already present but don't tell you how to issue or validate it. Teams end up wiring ad-hoc reverse proxies, leaking ports, and copy-pasting JWT code.
Run it next to any model server and get secure, shareable context in under 1 minute.
Verifies OIDC/JWT or DID-JWT tokens and stamps X-Attach-User + X-Attach-Session headers so every downstream agent sees the same identity.
Implements /a2a/tasks/send + /tasks/status for Google A2A & OpenHands hand-off between multiple agents in your workflow.
Mirrors prompts & responses to a memory backend (Weaviate Docker container by default) for persistent context and retrieval.
Built-in Temporal integration for workflow orchestration and tracing across your entire multi-agent pipeline.
Get secure, authenticated LLM endpoints running on your local machine in under a minute.
# Install the package
pip install attach-dev
# Start memory in Docker
docker run --rm -d -p 6666:8080 \
-e AUTHENTICATION_ANONYMOUS_ACCESS_ENABLED=true \
semitechnologies/weaviate:1.30.5
# Export your token
export JWT="<paste Auth0 or DID token>"
export OIDC_ISSUER=https://YOUR_DOMAIN.auth0.com
export OIDC_AUD=ollama-local
# Run gateway
attach-gateway --port 8080 &
# Make a protected call
curl -H "Authorization: Bearer $JWT" \
-d '{"model":"tinyllama","prompt":"hello"}' \
http://localhost:8080/api/chat | jq .Prerequisites: Python 3.12, Ollama installed, Auth0 account or DID token