Quickstart

Install Delego, run the full propose → approve → resolve loop end-to-end, and see your first deterministic authorization decision. No agent or live service required.

Install

Delego is a Python package (3.10+). The core library and the delego CLI:

pip install delego

Add the MCP server (an optional extra) when you want an agent to propose actions over the Model Context Protocol:

pip install "delego[mcp]"

Initialise

Create a Delego home — signing keys, an example policy, and a .gitignore — then inspect the active policy:

delego init     # creates ~/.delego with signing keys and an example policy
delego policy   # inspect the active policy

Run the demo

From a clone, examples/demo.py walks the whole loop: an allowed read, a forbidden deny, an over-cap deny, an approval flow, the confused-deputy guard refusing a substituted action, and audit-chain tamper detection.

git clone https://github.com/Delego-Dev/delego && cd delego
pip install -e ".[dev]"
python examples/demo.py
pytest

Your first decision

Used as a library, an agent proposes an action — it never holds the secret. Delego returns an outcome of allow, needs_approval, or deny.

from delego import ProposedAction, build_firewall
from delego.config import Paths

fw = build_firewall(Paths.resolve(None))

decision = fw.propose(ProposedAction(
    instruction="place a small order",
    method="POST",
    url="https://api.example.com/orders",
    params={"amount": 2400, "currency": "USD", "destination": "internal"},
))

decision.outcome      # -> 'needs_approval'
decision.approval_id  # the id a human approves out-of-band

A human approves out-of-band, then the agent resolves the same action. A substituted action is refused — the fingerprint won’t match.

# human side (CLI): delego approve apr_xxxx
result = fw.resolve(decision.approval_id, order)
result.outcome   # -> 'allow', executed exactly once