Google announced Agentic Resource Discovery, or ARD, on June 17, 2026. ARD is an open specification that lets AI agents discover, verify, and connect to tools, skills, other agents, MCP servers, OpenAPI tools, and nested catalogs across the web. It is not a model update. It is a missing layer for the agentic web: where does a capability live, which one should be used, and can it be trusted?
That problem becomes more important as agents move beyond a single platform. If an agent only uses fixed tools inside one product, a proprietary registry can be enough. But an operations agent responding to a production incident might need observability systems, engineering documentation, deployment history, support tickets, and specialized troubleshooting agents. Those capabilities often live across different teams, vendors, and clouds without a shared discovery method.
ARD is built around catalogs and registries. A catalog is a description file hosted by an organization under its own domain. It lists available capabilities and connection information, and domain ownership becomes the identity and trust foundation. A registry acts like a search engine for the agentic web: it crawls catalogs, indexes them, and returns relevant capabilities plus verification metadata when an agent searches.
The important design choice is that the discovery layer does not try to replace each tool's native protocol. ARD helps an agent find the capability, verify the publisher, and retrieve trust metadata. After that, the connection happens through the resource's native protocol or API. In relation to MCP, A2A, or OpenAPI, ARD is more like the search and trust entry point than a runtime that replaces everything else.
Google also emphasizes cryptographic verification. A production agent cannot connect to a resource simply because a search result looks relevant. ARD lets publishers attach verifiable trust metadata, so a client agent or registry can confirm the publisher's cryptographic identity. Once agents touch enterprise data, run workflows, or trigger external actions, that kind of identity check becomes a baseline requirement.
Another key part is Agent Registry in Gemini Enterprise Agent Platform. Google says Agent Registry will support searching, discovering, and hosting agentic resources, including agents, skills, MCP servers, and tools. It will also support enterprise governance through globally unique namespaced URNs, agentic egress policies, specification pinning, and Agent Identity.
ARD shows the agent ecosystem moving from single applications toward a distributed architecture that looks more like the web. Websites became interoperable through search engines, DNS, TLS, and standardized metadata. The agentic web needs comparable infrastructure, or every agent will remain trapped inside one platform and one private registry.
For enterprises, ARD is not just another specification. It is a reminder that agent governance cannot stop at the model layer. In production, teams need to know who provides a capability, whether its version is pinned, which outbound connections are allowed, whether identity can be verified, and whether discovery decisions are auditable. Those questions will decide whether agents can move from demos into real operations.
