The service
EverHomeCall delivers scheduled AI-powered calls to people who benefit from regular check-ins — seniors, independent living, injury recovery, and remote caregivers. Two AI agents handle the calls: Grace for daily check-ins, Jackson for twice-weekly wellness conversations. Both are powered by Retell AI and routed through Twilio to reach recipients.
The model is inherently high-stakes. A call that fires at the wrong time, to the wrong number, or from an agent operating outside its defined scope isn't just a product bug — it's a violation of trust with a vulnerable person. The system needed a way to make every call decision explicit, authorized, and provable.
The problem with "just log it"
Before IronWeft, the options for agent accountability were: log the call after it happened, or build ad hoc checks scattered through the application. Neither is the same as authorization. Logging tells you what happened. It doesn't stop something that shouldn't happen. Scattered checks are brittle — they drift, get skipped, and leave no centralized record.
"Your agent acted at 3am. Can you prove it was authorized — with a tamper-evident chain and a human sponsor — in seconds? Most teams can't."
For a service calling people in their homes, "we logged it" isn't good enough. The question families and regulators ask is: who authorized this call, and how?
The integration
Both Grace and Jackson are registered as named agents in IronWeft with scoped credentials. Each agent has a policy that limits the exact actions it's permitted to take — no agent can exceed its defined scope, regardless of what the application code requests.
Before any call fires, the EverHomeCall backend makes a single authorization request to
IronWeft's /authorize endpoint. The call only proceeds if IronWeft approves it.
The decision — along with the agent identity, initiator, timestamp, and scope — is written
immediately to a hash-chained audit log.
/authorize with the agent credential, action, and initiator. IronWeft evaluates the policy.What this enables
The result is a call system where authorization is structural, not procedural. It doesn't rely on every developer remembering to add a check. The policy is enforced at the infrastructure level — the agent literally cannot fire without a valid authorization.
For caregivers and families, this matters. The service can demonstrate — with a cryptographically linked audit trail — exactly which agent made each call decision, what triggered it, and that no call was made outside its authorized scope.
Integration effort
The integration required a single API call per call event — no architectural changes, no separate audit database to maintain, no bespoke access-control logic to keep in sync with the rest of the application. IronWeft handles registration, credential issuance, policy evaluation, and audit logging as a service.