feat(console): simplify registration, add discover page, auto-whitelist

- Change claim token default protocols from "a2a" to "a2a,mcp,acp"
- Auto-whitelist: mutually add contacts for all agents owned by same user on claim
- Add console directory endpoint (GET /provider/directory) that includes user's private agents
- Add IncludeOwnerUserID filter to SQLite/Postgres stores
- Delete RegisterWizard and AgentRegisterPage (5-step wizard removed)
- Rewrite AgentEditPage as simple single-page form
- Dashboard: only show ClaimTokenSection when user has no agents
- ProviderAgentsPage: inline expandable ClaimTokenSection for registration
- Sidebar: replace "Register Agent" with "Discover" link
- New DiscoverAgentsPage with search, filters, and "Request Access" button
- Add discover-related i18n keys to all 8 locales

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: gcmsg

internal/registry/postgres.go

@@ -170,7 +170,12 @@ func (s *PostgresStore) List(ctx context.Context, filter ListFilter) (*ListResul
 	if filter.PlaygroundOnly {
 		conditions = append(conditions, "COALESCE(playground_enabled, FALSE) = TRUE")
 	}
-	if filter.PublicOnly {
+	if filter.IncludeOwnerUserID != "" {
+		// Show public agents + this user's own agents (including private ones).
+		conditions = append(conditions, fmt.Sprintf("(COALESCE(visibility, 'public') = 'public' OR owner_user_id = $%d)", argIdx))
+		args = append(args, filter.IncludeOwnerUserID)
+		argIdx++
+	} else if filter.PublicOnly {
 		conditions = append(conditions, "COALESCE(visibility, 'public') = 'public'")
 	}
 

internal/registry/sqlite.go

@@ -190,7 +190,11 @@ func (s *SQLiteStore) List(ctx context.Context, filter ListFilter) (*ListResult,
 	if filter.PlaygroundOnly {
 		conditions = append(conditions, "playground_enabled = 1")
 	}
-	if filter.PublicOnly {
+	if filter.IncludeOwnerUserID != "" {
+		// Show public agents + this user's own agents (including private ones).
+		conditions = append(conditions, "(COALESCE(visibility, 'public') = 'public' OR owner_user_id = ?)")
+		args = append(args, filter.IncludeOwnerUserID)
+	} else if filter.PublicOnly {
 		conditions = append(conditions, "COALESCE(visibility, 'public') = 'public'")
 	}
 

internal/registry/store.go

@@ -20,8 +20,9 @@ type ListFilter struct {
 	SortBy      string // "reputation", "name", "registered_at"
 	OwnerUserID string // Filter by owner user ID.
 	Category    string // Filter by category slug.
-	PlaygroundOnly bool   // Only return agents with playground_enabled=true
-	PublicOnly     bool   // Only return agents with visibility='public'
+	PlaygroundOnly     bool   // Only return agents with playground_enabled=true
+	PublicOnly         bool   // Only return agents with visibility='public'
+	IncludeOwnerUserID string // When PublicOnly is false, also include agents owned by this user ID
 }
 
 // ListResult holds a page of agents and pagination info.

internal/server/claim_handler.go

@@ -47,7 +47,7 @@ func (s *HTTPServer) handleGenerateClaimToken(w http.ResponseWriter, r *http.Req
 		Protocols:    strings.Join(req.Protocols, ","),
 	}
 	if params.Protocols == "" {
-		params.Protocols = "a2a"
+		params.Protocols = "a2a,mcp,acp"
 	}
 
 	token, err := s.claimToken.Generate(r.Context(), userID, params)
@@ -151,7 +151,7 @@ func (s *HTTPServer) handleClaimAgent(w http.ResponseWriter, r *http.Request) {
 		protoList = strings.Split(ct.Protocols, ",")
 	}
 	if len(protoList) == 0 {
-		protoList = []string{"a2a"}
+		protoList = []string{"a2a", "mcp", "acp"}
 	}
 
 	caps := req.Capabilities
@@ -189,7 +189,29 @@ func (s *HTTPServer) handleClaimAgent(w http.ResponseWriter, r *http.Request) {
 		// Agent is registered; don't fail the response.
 	}
 
-	// 5. Update routing table.
+	// 5. Auto-whitelist: mutually add all agents owned by the same user.
+	if s.contacts != nil && ct.UserID != "" {
+		ownedResult, err := s.registry.ListAgents(r.Context(), registry.ListFilter{
+			OwnerUserID: ct.UserID,
+			PageSize:    100,
+		})
+		if err == nil {
+			for _, sibling := range ownedResult.Agents {
+				if sibling.ID == card.ID {
+					continue
+				}
+				// Mutual: new→sibling + sibling→new
+				if _, err := s.contacts.Add(r.Context(), card.ID, sibling.ID, "", nil); err != nil {
+					s.logger.Debug("auto-whitelist: failed to add contact", "from", card.ID, "to", sibling.ID, "error", err)
+				}
+				if _, err := s.contacts.Add(r.Context(), sibling.ID, card.ID, "", nil); err != nil {
+					s.logger.Debug("auto-whitelist: failed to add contact", "from", sibling.ID, "to", card.ID, "error", err)
+				}
+			}
+		}
+	}
+
+	// 6. Update routing table.
 	s.engine.UpdateFromCard(card)
 
 	// Record reputation event.

internal/server/http.go

@@ -751,6 +751,7 @@ func (s *HTTPServer) registerProviderRoutes() {
 	s.mux.Handle("DELETE /api/v1/provider/agents/{id}", s.wrapUserAuth(s.handleProviderDeleteAgent))
 	s.mux.Handle("GET /api/v1/provider/agents/{id}/analytics", s.wrapUserAuth(s.handleProviderAgentAnalytics))
 	s.mux.Handle("GET /api/v1/provider/dashboard", s.wrapUserAuth(s.handleProviderDashboard))
+	s.mux.Handle("GET /api/v1/provider/directory", s.wrapUserAuth(s.handleConsoleDirectory))
 }
 
 func (s *HTTPServer) registerClaimTokenRoutes() {

internal/server/provider_handler.go

@@ -3,6 +3,7 @@ package server
 import (
 	"encoding/json"
 	"net/http"
+	"sort"
 	"strconv"
 	"time"
 
@@ -496,3 +497,116 @@ func (s *HTTPServer) handleProviderDashboard(w http.ResponseWriter, r *http.Requ
 		"agents":        agents,
 	})
 }
+
+// handleConsoleDirectory handles GET /api/v1/provider/directory — console directory search.
+// Unlike the public directory, this includes the user's own private agents.
+func (s *HTTPServer) handleConsoleDirectory(w http.ResponseWriter, r *http.Request) {
+	userID, ok := identity.UserIDFromContext(r.Context())
+	if !ok {
+		s.jsonError(w, "unauthorized", http.StatusUnauthorized)
+		return
+	}
+
+	q := r.URL.Query()
+
+	filter := registry.ListFilter{
+		Protocol:           q.Get("protocol"),
+		Capability:         q.Get("capability"),
+		Search:             q.Get("search"),
+		PageToken:          q.Get("page_token"),
+		SortBy:             q.Get("sort"),
+		IncludeOwnerUserID: userID,
+	}
+
+	if q.Get("status") != "" {
+		filter.Status = agentcard.AgentStatus(q.Get("status"))
+	}
+	if q.Get("verified") == "true" {
+		filter.Verified = true
+	}
+	if ms := q.Get("min_score"); ms != "" {
+		if score, err := strconv.ParseFloat(ms, 64); err == nil {
+			filter.MinScore = score
+		}
+	}
+	if ps := q.Get("page_size"); ps != "" {
+		if size, err := strconv.Atoi(ps); err == nil {
+			filter.PageSize = size
+		}
+	}
+	if q.Get("category") != "" {
+		filter.Category = q.Get("category")
+	}
+	if q.Get("playground_only") == "true" {
+		filter.PlaygroundOnly = true
+	}
+
+	sortByPopular := filter.SortBy == "popular"
+	if filter.SortBy == "" {
+		filter.SortBy = "reputation"
+	}
+	if sortByPopular {
+		filter.SortBy = "reputation"
+	}
+
+	result, err := s.registry.ListAgents(r.Context(), filter)
+	if err != nil {
+		s.jsonError(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+
+	// Build call counts for popular sort.
+	callCounts := make(map[string]int64)
+	if sortByPopular && s.invocation != nil {
+		since := time.Now().AddDate(0, 0, -7)
+		topAgents, err := s.invocation.TopAgents(r.Context(), since, 200)
+		if err == nil {
+			for _, a := range topAgents {
+				callCounts[a.AgentID] = a.TotalCalls
+			}
+		}
+	}
+
+	// Batch-fetch access flags and reputation.
+	agentIDs := make([]string, len(result.Agents))
+	for i, card := range result.Agents {
+		agentIDs[i] = card.ID
+	}
+
+	flagsMap, _ := s.registry.GetAccessFlagsBatch(r.Context(), agentIDs)
+	if flagsMap == nil {
+		flagsMap = map[string]*registry.AccessFlags{}
+	}
+
+	var scoresMap map[string]float64
+	if s.reputation != nil {
+		scoresMap = s.reputation.GetScoresBatch(r.Context(), agentIDs)
+	}
+
+	profiles := make([]PublicAgentProfile, 0, len(result.Agents))
+	for _, card := range result.Agents {
+		p := toPublicProfile(card)
+		if flags, ok := flagsMap[card.ID]; ok && flags != nil {
+			p.PlaygroundEnabled = flags.PlaygroundEnabled
+		}
+		if score, ok := scoresMap[card.ID]; ok {
+			p.ReputationScore = score
+		}
+		if count, ok := callCounts[card.ID]; ok {
+			p.TotalCalls = count
+		}
+		profiles = append(profiles, p)
+	}
+
+	if sortByPopular {
+		sort.Slice(profiles, func(i, j int) bool {
+			return profiles[i].TotalCalls > profiles[j].TotalCalls
+		})
+	}
+
+	s.jsonResponse(w, http.StatusOK, DirectoryResponse{
+		Agents:        profiles,
+		NextPageToken: result.NextPageToken,
+		TotalCount:    result.TotalCount,
+	})
+}

web/app/src/App.tsx

@@ -19,7 +19,7 @@ import { PlaygroundPage } from "@/pages/PlaygroundPage"
 import { AboutPage } from "@/pages/AboutPage"
 import { ProviderDashboardPage } from "@/pages/ProviderDashboardPage"
 import { ProviderAgentsPage } from "@/pages/ProviderAgentsPage"
-import { AgentRegisterPage } from "@/pages/AgentRegisterPage"
+import { DiscoverAgentsPage } from "@/pages/DiscoverAgentsPage"
 import { ProviderAgentDetailPage } from "@/pages/ProviderAgentDetailPage"
 import { AgentEditPage } from "@/pages/AgentEditPage"
 import { InvocationHistoryPage } from "@/pages/InvocationHistoryPage"
@@ -61,7 +61,7 @@ export function App() {
             }
           >
             <Route index element={<ProviderDashboardPage />} />
-            <Route path="register" element={<AgentRegisterPage />} />
+            <Route path="discover" element={<DiscoverAgentsPage />} />
             <Route path="agents" element={<ProviderAgentsPage />} />
             <Route path="agents/:id" element={<ProviderAgentDetailPage />} />
             <Route path="agents/:id/edit" element={<AgentEditPage />} />

web/app/src/api/client.ts

@@ -83,6 +83,30 @@ export function fetchDirectory(
   return fetchJSON<DirectoryResponse>(`/directory${qs ? `?${qs}` : ""}`)
 }
 
+// Console directory API (includes user's own private agents)
+export function fetchConsoleDirectory(
+  params: DirectoryParams | undefined,
+  accessToken: string
+): Promise<DirectoryResponse> {
+  const query = new URLSearchParams()
+  if (params?.capability) query.set("capability", params.capability)
+  if (params?.protocol) query.set("protocol", params.protocol)
+  if (params?.status) query.set("status", params.status)
+  if (params?.verified) query.set("verified", "true")
+  if (params?.min_score) query.set("min_score", String(params.min_score))
+  if (params?.search) query.set("search", params.search)
+  if (params?.sort) query.set("sort", params.sort)
+  if (params?.page_size) query.set("page_size", String(params.page_size))
+  if (params?.page_token) query.set("page_token", params.page_token)
+  if (params?.category) query.set("category", params.category)
+  if (params?.playground_only) query.set("playground_only", "true")
+  const qs = query.toString()
+  return fetchWithAuth<DirectoryResponse>(
+    `/provider/directory${qs ? `?${qs}` : ""}`,
+    accessToken
+  )
+}
+
 export function fetchPublicProfile(id: string): Promise<PublicAgentProfile> {
   return fetchJSON<PublicAgentProfile>(`/directory/${id}`)
 }

web/app/src/components/layout/ConsoleLayout.tsx

@@ -6,7 +6,7 @@ import { UserMenu } from "@/components/layout/UserMenu"
 import {
   LayoutDashboard,
   Bot,
-  PlusCircle,
+  Search,
   Activity,
   KeyRound,
   Github,
@@ -22,7 +22,7 @@ export function ConsoleLayout() {
   const navLinks = [
     { to: "/console", label: t('nav.dashboard'), icon: LayoutDashboard, end: true },
     { to: "/console/agents", label: t('nav.myAgents'), icon: Bot, end: false },
-    { to: "/console/register", label: t('nav.registerAgent'), icon: PlusCircle, end: false },
+    { to: "/console/discover", label: t('nav.discoverAgents'), icon: Search, end: false },
     { to: "/console/invocations", label: t('nav.invocations'), icon: Activity, end: false },
     { to: "/console/access-requests", label: t('nav.accessRequests'), icon: Lock, end: false },
     { to: "/console/api-keys", label: t('nav.apiKeys'), icon: KeyRound, end: false },

web/app/src/components/provider/ClaimTokenSection.tsx

@@ -58,7 +58,7 @@ export function ClaimTokenSection() {
     try {
       const res = await generate({
         agent_name: agentName.trim(),
-        protocols: ["a2a"],
+        protocols: ["a2a", "mcp", "acp"],
       })
       setGeneratedCode(res.token)
       setExpiresAt(res.expires_at)