Fail-Closed Architecture
When In Doubt, Deny.
Most authorization systems fail open — when they go down, everything gets through. Intended fails closed. If the authority service is unreachable, no AI agent action executes. Period.
The Critical Question
What happens when your authorization system goes down?
Defense in Depth
Every boundary is fail-closed
Four independent boundaries, each with its own fail-closed gate. A failure at any point blocks the action.
API Gateway
Validates request format and authentication. Rejects malformed requests.
Intent Compiler
Classifies the action. If classification fails, action is denied.
Authority Engine
Evaluates policies. If unavailable, the default decision is DENY.
Execution Gateway
Verifies authority token. No valid token means no execution.
The Rule
No token, no execution
The execution gateway requires a valid, unexpired, single-use authority token before any action proceeds. There are no exceptions, no bypass flags, and no override modes.
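The rule above, as an added illustration (this is example code, not Intended's implementation): an authority engine issues signed, short-lived, single-use tokens, and an execution gateway denies on every failure path, including the engine being unreachable. The HMAC secret, claim names and the `AuthorityEngine`, `ExecutionGateway` and `run` names are assumptions.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # shared by engine and gateway (constructed value)

class AuthorityUnavailable(Exception):
    """Raised when the authority engine cannot be reached (simulated outage)."""

class AuthorityEngine:
    """Issues HMAC-signed, short-lived, single-use authority tokens."""
    def __init__(self, secret, available=True, ttl=60, now=time.time):
        self.secret, self.available, self.ttl, self.now = secret, available, ttl, now
        self._counter = 0  # source of unique token ids (jti)

    def issue(self, action):
        if not self.available:
            raise AuthorityUnavailable("authority engine down")
        self._counter += 1
        claims = {"action": action, "exp": self.now() + self.ttl, "jti": f"t{self._counter}"}
        body = base64.urlsafe_b64encode(json.dumps(claims).encode()).decode()
        sig = hmac.new(self.secret, body.encode(), hashlib.sha256).hexdigest()
        return f"{body}.{sig}"

class ExecutionGateway:
    """Permits an action only with a valid, unexpired, single-use token."""
    def __init__(self, secret, now=time.time):
        self.secret, self.now, self._used = secret, now, set()

    def verify(self, token, action):
        body, sig = token.split(".")  # malformed tokens raise here and are denied
        expected = hmac.new(self.secret, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, sig):
            raise PermissionError("bad signature")
        claims = json.loads(base64.urlsafe_b64decode(body))
        if claims["action"] != action:
            raise PermissionError("token issued for a different action")
        if claims["exp"] <= self.now():
            raise PermissionError("token expired")
        if claims["jti"] in self._used:
            raise PermissionError("token already used")
        self._used.add(claims["jti"])  # consume it: single use

    def permits(self, token, action):
        try:
            self.verify(token, action)
            return True
        except Exception:
            return False  # fail closed: any error, of any kind, means deny

def run(engine, gateway, action):
    """No token, no execution: an engine outage yields no token, hence DENIED."""
    try:
        token = engine.issue(action)
    except Exception:
        return "DENIED"
    return "EXECUTED" if gateway.permits(token, action) else "DENIED"
```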
Recovery
Self-healing recovery
When the authority service recovers from an outage, queued actions are re-evaluated against current policies. Nothing slips through the cracks, and no action is permanently lost.
Authorization that never fails silently.