A2WF Wizard - Generate an A2WF v1.1 document

This wizard helps you produce a syntactically valid A2WF v1.1 document. It is a reference implementation, not legal advice, and does not certify compliance. Everything runs locally in your browser - no telemetry, no upload.

1. Pick a starting preset

Choose the site type closest to yours. The preset gives you a starting document; you can change everything in the next steps.

Expert mode Show module toggles, oversight defaults editor, and advanced fields. Recommended only if you have read the specification.

Import an existing siteai.json instead Paste or load a v1.0 or v1.1 document and continue editing.

2. Site identity

Who owns this site? These fields end up in identity.

Legal name (required)

Contact e-mail (required, prefer a role address like privacy@...)

Site name

Site URL

Primary jurisdiction (ISO 3166-1 alpha-2)

Document language (BCP 47)

Legal name and a contact e-mail are required to continue.

3. Permissions

Each entry describes one action category your site exposes to AI agents. Adjust what an agent may do and what oversight applies.

Edit permission #

Action (short identifier)

Schema.org type

Effect

Allowed?

Notes (optional)

Override oversight inline (advanced)

If you leave this blank, the action inherits oversight from oversightDefaults[effect].

Level

Channel

Method

Timeout (ISO 8601, e.g. PT3M)

4. Optional modules

Each module adds one capability to your document. Enable only what you actually publish. The validator will check that enabled modules contain the required fields.

Enabling a module does NOT make you compliant with any regulation. It declares that you publish machine-readable metadata of a certain kind.

jurisdictions

Declare which legal regimes you consider applicable. Publisher self-declaration only.

dataHandling (DPV)

Machine-readable data-processing declarations using the DPV vocabulary.

agentIdentification

Which identity protocols you accept from agents (DID, VC, HTTP Message Signatures, OAuth).

auditTrail (light)

Declare WHETHER you log agent interactions and what categories of events. Capability declaration, NOT forensic evidence.

incidentReporting

Endpoint or address where A2WF-related incidents should be reported.

discoverabilityHints

Pointers to sitemap.xml, Schema.org actions, llms.txt, AI preferences. Advisory only.

codeOfPracticeAlignment

Only for actual GPAI providers under the EU AI Act. Do NOT enable unless you are one.

Module field editors are intentionally minimal in this wizard. After download, refine the JSON in your editor.

Findings

No findings yet. Save and download below, then run the validator.

Severity	Path	Section	Message

JSON preview

Document has validation failure(s). Fix the failures above before downloading. The Reference Wizard does not export documents that fail validation, because they would not be usable by Consumers.

Deploy

Serve the downloaded file at:

https://your-site.example/.well-known/a2wf/siteai.json

Required and recommended response headers:

Content-Type: application/json (required)
Cache-Control: public, max-age=3600 (or match your discovery.cache.maxAge)
ETag or Last-Modified (recommended, helps consumers cache efficiently)

Serve the file over HTTPS, do not require authentication, and do not include query strings in the discovery URL. If you previously published a v1.0 document at /siteai.json, keep serving the same content at that legacy path for at least one consumer caching cycle. v1.1 consumers will warn if they have to fall back, but accept it.

After deploy, sanity-check with curl -sI https://your-site.example/.well-known/a2wf/siteai.json to confirm headers, then run the file through the validator one more time.

Snippets for nginx, Apache, Cloudflare Workers and Express live under tools/logger-snippets/.

This wizard runs entirely in your browser. Your inputs never leave this page. The wizard does not certify legal compliance with GDPR, the EU AI Act, or any other regulation.