a2a cloud
a first-class A2A home

Deploy an A2A agent with its card and endpoint ready.

Google's A2A protocol lets agents discover and delegate to each other — but implementing the agent card, the JSON-RPC endpoint, and safe delegation is real work. a2a cloud makes it a deploy. Your agent card is generated and served, the A2A endpoint is live with TLS, and every delegated call between agents carries a scoped Ed25519 grant and returns a signed receipt.

agent card served · signed delegation · no ambient trust

0
agent card authored
0
protocols per tool
0%
signed per task
the problem

The A2A protocol is the easy part. Running it isn't.

Adopting Agent2Agent means more than importing a library. Something has to generate and serve the agent card at the right well-known path, implement the JSON-RPC task and message surface, stand up TLS and a stable hostname, and — the part everyone underestimates — make agent-to-agent delegation safe. Do that with shared keys and you've built a mesh where any agent holding the key inherits full authority, with no record of who delegated what to whom.

Hand-authored agent cards drift out of sync with the code they're supposed to describe.
Implementing the A2A JSON-RPC surface — tasks, messages, streaming — is undifferentiated plumbing.
Shared keys for delegation mean any agent in the chain inherits full, unbounded authority.
A multi-agent call chain scatters logs, so reconstructing the delegation path is manual and lossy.
the a2a way

Governed agent execution, across the agent graph.

a2a cloud treats the A2A surface as a platform output. The card, the endpoint, and signed delegation ship on deploy, so the agent you wrote becomes an addressable, governable A2A peer.

Agent card, servedA2A endpoint out of the boxSigned delegation between agentsReceipts across the agent graphSkills speak MCP and OpenAPI tooAny framework, any language

Agent card, served

Your A2A agent card is generated and served at the well-known path on deploy. Other agents discover your skills, endpoints, and capabilities the moment the deploy is live — no manifest hand-authoring.

A2A endpoint out of the box

The A2A JSON-RPC endpoint is stood up automatically, with TLS and a stable hostname. Tasks, messages, and streaming updates work against a real, addressable agent, not a localhost demo.

Signed delegation between agents

When one agent calls another, the call carries a scoped grant — an Ed25519 token binding audience and TTL. Agent-to-agent authority is explicit and short-lived, not a shared key passed hand to hand.

Receipts across the agent graph

Every A2A task returns an Ed25519-signed receipt recording the calling agent, the grant it held, and the result. When agents call agents, you get an evidence trail across the whole chain.

Skills speak MCP and OpenAPI too

The same skills your agent card advertises are also published as MCP tools and REST/OpenAPI operations. One agent, reachable by A2A peers, MCP clients, and plain HTTP callers alike.

Any framework, any language

Bring a LangGraph, CrewAI, OpenAI Agents SDK, or custom Python/TypeScript agent. a2a cloud wraps it in the A2A protocol surface — you don't rewrite it to speak Agent2Agent.

side-by-side

Rolling your own A2A vs. deploying on a2a cloud.

dimension
DIY A2A
a2a cloud
discovery
You hand-write and host an agent card at the right well-known path, then keep it in sync with your code.
The agent card is generated from your tools and served automatically on every deploy.
endpoint
You implement the A2A JSON-RPC surface — tasks, messages, streaming — and stand up TLS and a hostname.
A production A2A endpoint with TLS and a stable hostname ships with the deploy.
delegation
Agent-to-agent calls reuse a shared key. Any agent that holds it inherits full authority.
Each delegated call carries a scoped Ed25519 grant with a bound audience and TTL.
audit
A multi-agent chain leaves scattered logs. Reconstructing who asked whom to do what is manual.
Every A2A task returns a signed receipt, so the delegation chain is an evidence trail.
reach
Speaking A2A, MCP, and HTTP means three separate integrations of the same logic.
One tool definition is served as A2A, MCP, and OpenAPI simultaneously.
questions

Frequently asked.

What does it take to deploy an A2A agent?

Point a2a cloud at your agent and run `a2a deploy`. It generates and serves your A2A agent card, stands up the A2A JSON-RPC endpoint with TLS and a stable hostname, and provisions a managed Postgres database. Your agent is discoverable and callable by other A2A agents immediately.

What is the A2A protocol and does a2a cloud implement it?

A2A (Agent2Agent) is Google's open protocol for agents to discover each other via an agent card and exchange tasks and messages over JSON-RPC. a2a cloud implements it as a first-class surface: the agent card, the endpoint, and streaming task updates are generated for you, not something you hand-build.

How does one agent delegate to another safely?

Delegated calls carry a scoped grant — an Ed25519 token binding the audience and a TTL — instead of a shared key. The receiving agent gets exactly the authority the caller intended, for a bounded window. This is scoped authority between agents, with no ambient trust across the graph.

Can I audit a multi-agent chain?

Yes. Every A2A task returns an Ed25519-signed, hash-chained receipt recording the calling agent, the grant it presented, and the result. When agents call agents, the receipts form an evidence trail across the whole chain — you can prove which agent asked which agent to do what.

Do I have to rewrite my agent to speak A2A?

No. Bring a LangGraph, CrewAI, OpenAI Agents SDK, or custom Python/TypeScript agent as-is. a2a cloud wraps it in the A2A protocol surface and simultaneously publishes its tools as MCP tools and OpenAPI operations, so the same agent is reachable by A2A peers, MCP clients, and HTTP callers.

keep reading

Related guides.

All guides live in the guides index.

an addressable, provable agent

Deploy your A2A agent with proof.

a2a cloud deploys any agent — LangGraph, CrewAI, OpenAI Agents SDK, or custom — as a first-class A2A peer: generated agent card, live JSON-RPC endpoint, managed Postgres, MCP and OpenAPI surfaces, and an Ed25519-signed receipt for every task. Scoped grants govern delegation between agents. One deploy, a governable agent graph.