OASP
Spec Schemas GitHub
Open Agent Session Protocol · v0.4 draft

A Conversation is not a Session.

OASP is an open standard for agent conversations that outlive their execution context — with first-class identity and audit. The durable, user-facing thread persists across the disposable, provider-side sessions it rides on.

Read the spec View schemas The Standard
// the one idea

A durable thread, over disposable sessions

fig.1 — conversation lifecycle
Conversation conv_7Q2f durable · under tension
now
publish ↓
migrate · session upgrade
lineage preserved
sess_a
runtime v1.2
sess_b
runtime v1.3 · pinned
sess_c
drain sess_a
upgradedFrom sess_a
portable across providers
time →
Conversation — durable Session — disposable Event — send / stream / tool-call markers publish migrate drain

One Conversation , published once, rides a succession of disposable Sessions — upgraded in place ( migrate ), retired cleanly ( drain), even across providers — with its full lineage and audit trail preserved throughout.

// the problem

Every serious agent app hand-builds this.

Durable threads over ephemeral runtimes; version pinning; clean cutovers; an audit trail an auditor will actually accept. Teams reinvent it in-house, badly, every time. OASP standardizes it — so the hard part is a spec you adopt, not a system you maintain.

version pinningA Conversation stays on the agent version it started on.
session upgradeMove to a new runtime mid-thread, seamlessly, via migrate.
drainRetire a Session cleanly — finish in-flight work, no dropped state.
portabilityThe same Conversation can ride Sessions on different providers.
// resource model

Eight resources, at a glance

The whole protocol is a small, closed set of resources and the interactions between them.

AgentDefinition definition

The versioned contract an agent is deployed from.

Deployment runtime

A running instance of an AgentDefinition.

Conversation core

The durable, user-facing thread. Outlives its sessions.

Session core

A disposable, provider-side execution context.

Event runtime

An append-only record on a Session: send, stream, tool-call.

Principal identity

An identity acting in the system: user, agent, or service.

Credential identity

A scoped, on-behalf-of grant with containment.

AuditEvent audit

Normative record: what happened, as whom, when.

interactions
publish

Open a Conversation on a Deployment.

migrate

Upgrade to a new Session; lineage preserved.

drain

Retire a Session; finish in-flight work.

stream

Read Events as they append.

send

Append an Event to the active Session.

// identity & audit

Federation-ready identity. Audit as a conformance requirement.

Scopes at every level, an IdP-agnostic Principal claims contract, and an on-behalf-of model with scope-pinned containment. “What did the agent do, as whom, when” is answerable by any conformant implementation — because AuditEvent is normative, not an add-on.

Identity & Audit
AuditEvent { // normative — required to conform
ts: "2026-07-09T17:04:12.882Z",
actor: "prn_agent_31",
onBehalfOf: "prn_9x4", // acting for the user
action: "conversation.migrate",
target: "conv_7Q2f",
session: { from: "sess_a", to: "sess_b" },
result: "ok"
}
// conformance

Three ways to conform. One kit to prove it.

All levels →
L1Client

Speaks OASP to a server: publish, send, stream, and follows migrations without dropping the thread.

L2Server

Hosts Conversations & Sessions, implements migrate and drain, and MUST emit AuditEvents.

L3Adapter

Bridges a non-OASP runtime into OASP, mapping native sessions onto OASP Sessions.

// implementations

Loom is the reference. The standard invites the rest.

All implementations →
Loomreference server

Loom implements OASP. It is the production system OASP was extracted from — the standard is what Loom already had to be. Apache-2.0.

Implement OASP

Build a Client, Server, or Adapter. Run the conformance kit. List your implementation here — the ecosystem is meant to be more than one vendor.

Start with the spec