Building the Agentic Future: An Inside Look at the awaBerry Agentic API

The Agentic API is not just another API — it is zero-trust device access as a service. In this post I explain how it works, why we built it the way we did, and what it unlocks for teams building AI-native workflows.

When people hear "API for device access" they usually imagine something like an SSH tunnel with a REST wrapper around it. That is not what the awaBerry Agentic API is. Let me explain what it actually does — and more importantly, why the design decisions we made matter for teams building agentic workflows.

The Problem We Were Solving

Modern AI workflows — whether you are using LangChain, AutoGen, custom agents, or just a well-structured script — increasingly need to do things in the physical world. Run a computation on a specific machine. Read a sensor. Trigger a build on a CI server that sits behind a corporate firewall. Restart a service on a remote device.

The traditional answer is VPN. Set up a VPN, give the agent credentials, let it roam freely inside the network. This is a catastrophically bad idea in 2026. You are giving an autonomous system broad lateral movement capability across your infrastructure, with no per-action authorisation, no scoped permissions, and no audit trail tied to the specific agent invocation.

We needed something different.

Zero-Trust Access as a Service

The Agentic API exposes your registered devices to programmatic access via encrypted, zero-trust tunnels. The key properties are:

Per-session tunnels: Every connection is a fresh, cryptographically authenticated session. There is no persistent "always-on" exposure.
Scoped access tokens: You grant access to a specific device, for a specific service (e.g., port 22 for SSH, or port 8080 for a web service), for a specific time window. The token cannot be used for anything outside that scope.
Full audit trail: Every tunnel creation, connection, and termination is logged with the calling identity, timestamp, and parameters. Your SIEM gets a clean, structured feed.
No inbound exposure: Device agents use outbound-only HTTPS tunnels. Nothing in your network needs to accept inbound connections from the internet.

How an Agent Uses It

From an AI agent's perspective, the flow is simple:

Request a scoped access token for a specific device and service from the awaBerry API (using a long-lived API key with its own permission scope)
Receive a short-lived token and connection endpoint
Connect to the device via the returned endpoint, authenticating with the short-lived token
Execute the required action
Token expires automatically — no cleanup required

The agent never has network-level access to the device. It cannot probe other services. It cannot escalate privileges beyond what the token permits. If the token is somehow intercepted, it is useless outside the context it was issued for.

The Combination That Makes It Powerful

The Agentic API is most powerful when combined with the Smart Automation Framework. The Framework generates scripts that live on the device and execute locally. The Agentic API provides the programmatic trigger mechanism. Together, they form a complete, auditable, AI-native automation loop: an agent instructs a device to run a locally-stored script, over a scoped tunnel, with a full audit trail. No persistent exposure. No AI tokens burned at execution time.

This is what we mean when we say awaBerry is AI-native. It was not designed to bolt AI capabilities onto existing infrastructure — it was designed for the agentic era from the ground up.

If you want to see it in action, the Agentic API product page has a technical walkthrough, or you can reach out directly for a live demonstration.