Episode 183 - GluuFederation/identerati-office-hours GitHub Wiki
Title: Bots With Keys: Welcome to AAuth
- Host: Mike Schwartz, Founder/CEO Gluu
- Guest: Dick Hardt, Founder/CEO Hellō, previous guest on IOH-5 and IOH-99
Description
AAuth (Agent Auth) is a proposed protocol for authenticating AI agents when they access APIs and MCP servers. Instead of relying on a single identity token, agents sign requests and perform a challenge-response flow to obtain authorization tokens bound to their keys. The protocol combines HTTP Message Signatures with JWT token exchange so resource servers, auth servers, and agents can establish trust dynamically. In this episode, we examine how agent identity, delegation, and authorization might work in a world where software agents—not humans—are the primary clients of APIs.
Homework
- GitHub Home: AAuth
- How Agent Auth points toward a new approach to agentic security, article by Mike Neuenschwander and Jamie Lewis, 12/8/2025
Takeaways
- ⚡ With AAuth, instead of a client ID shared by every instance of an application, each agent instance has its own keys and identity, enabling precise, per-agent accountability and stronger security boundaries.
- ⚡ A "Person Server" is a new idea: a service that is not just for humans. Anything can be a person: an organization, an agent, a piece of software.
- ⚡ "Mission Accomplished", with the help of the Authorization Server! OAuth flows require the client to know the required scopes upfront; agents need a different north star. Enter the "mission" claim: expressed in Markdown (ergonomic syntax on steroids!), it links multiple authorization decisions into a coherent narrative, which makes it easier to reason about why access is being requested.
- ⚡ Resource-first interaction (versus authorization-server-first) inverts the classic OAuth flow, somewhat like UMA. An agent can start by calling the resource, which responds with its authorization requirements in a signed resource token.
- ⚡ HTTP Message Signatures provide request-level proof of possession. Combined with key-bound tokens, they offer a flexible alternative to mTLS and DPoP, trading some standardization and transport-layer guarantees for lower deployment friction.
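The last takeaway, and the request-signing and key-bound-token mechanics sketched in the description, in working code. This is an added example written for this page; it is not code from the AAuth repository, Gluu or Hellō, and it does not reproduce AAuth's resource-first challenge flow, its mission claim or its token format. It assumes: an authorization server that issues an EdDSA-signed JWT carrying the agent's public key in a cnf.jwk claim (RFC 7800); a resource server that verifies RFC 9421 HTTP Message Signatures under the label sig1 and requires the request line plus the authorization header to be covered; and hypothetical names (as.example, rs.example, agent-7). Keys and the sample request are constructed inline, Go standard library only.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

// Request holds RFC 9421 components: derived ones under their @-name, headers under their lower-case name.
type Request map[string]string

// Components the resource server insists on: the request line (no replay elsewhere) and authorization (no token swap).
var required = []string{"@method", "@authority", "@path", "authorization"}

func b64url(b []byte) string { return base64.RawURLEncoding.EncodeToString(b) }
func b64dec(s string) []byte { b, _ := base64.RawURLEncoding.DecodeString(s); return b }

// signatureBase builds the RFC 9421 signature base: one `"name": value` line per covered component, then @signature-params.
func signatureBase(r Request, covered []string, params string) (string, error) {
	var b strings.Builder
	for _, c := range covered {
		v, ok := r[c]
		if !ok {
			return "", fmt.Errorf("covered component %q missing from request", c)
		}
		fmt.Fprintf(&b, "%q: %s\n", c, strings.TrimSpace(v))
	}
	fmt.Fprintf(&b, "%q: %s", "@signature-params", params)
	return b.String(), nil
}

// SignRequest (agent side) adds Signature-Input and Signature, label sig1, under the agent's private key.
func SignRequest(r Request, priv ed25519.PrivateKey, covered []string, created int64, keyid string) error {
	params := fmt.Sprintf(`("%s");created=%d;keyid="%s"`, strings.Join(covered, `" "`), created, keyid)
	base, err := signatureBase(r, covered, params)
	if err != nil {
		return err
	}
	r["signature-input"] = "sig1=" + params
	r["signature"] = "sig1=:" + base64.StdEncoding.EncodeToString(ed25519.Sign(priv, []byte(base))) + ":"
	return nil
}

// VerifyRequest (resource side) rebuilds the base from the live request and checks it under pub; it pins the covered list to required.
func VerifyRequest(r Request, pub ed25519.PublicKey) error {
	params, sigRaw := strings.TrimPrefix(r["signature-input"], "sig1="), r["signature"]
	if !strings.HasPrefix(params, fmt.Sprintf(`("%s");`, strings.Join(required, `" "`))) || !strings.HasPrefix(sigRaw, "sig1=:") {
		return fmt.Errorf("sig1 missing, malformed, or not covering the required components")
	}
	sig, _ := base64.StdEncoding.DecodeString(strings.Trim(strings.TrimPrefix(sigRaw, "sig1="), ":"))
	base, err := signatureBase(r, required, params)
	if err != nil || !ed25519.Verify(pub, []byte(base), sig) {
		return fmt.Errorf("request signature invalid")
	}
	return nil
}

// IssueToken stands in for the authorization server: an EdDSA JWT carrying the agent key in cnf.jwk (RFC 7800); the claim layout is this example's assumption.
func IssueToken(asPriv ed25519.PrivateKey, agentPub ed25519.PublicKey, sub string) string {
	claims, _ := json.Marshal(map[string]any{"iss": "https://as.example", "sub": sub, "aud": "https://rs.example",
		"cnf": map[string]any{"jwk": map[string]string{"kty": "OKP", "crv": "Ed25519", "x": b64url(agentPub)}}})
	in := b64url([]byte(`{"alg":"EdDSA","typ":"JWT"}`)) + "." + b64url(claims)
	return in + "." + b64url(ed25519.Sign(asPriv, []byte(in)))
}

// VerifyToken checks the issuer signature and audience and returns the bound agent key; the alg header is ignored on purpose (Ed25519 only).
func VerifyToken(tok string, asPub ed25519.PublicKey) (ed25519.PublicKey, error) {
	p := strings.Split(tok, ".")
	var c struct{ Aud string; Cnf struct{ Jwk struct{ Kty, Crv, X string } } }
	if len(p) != 3 || !ed25519.Verify(asPub, []byte(p[0]+"."+p[1]), b64dec(p[2])) ||
		json.Unmarshal(b64dec(p[1]), &c) != nil || c.Aud != "https://rs.example" {
		return nil, fmt.Errorf("token rejected: bad signature, claims or audience")
	}
	x := b64dec(c.Cnf.Jwk.X)
	if c.Cnf.Jwk.Kty != "OKP" || c.Cnf.Jwk.Crv != "Ed25519" || len(x) != ed25519.PublicKeySize {
		return nil, fmt.Errorf("cnf.jwk is not an Ed25519 key")
	}
	return ed25519.PublicKey(x), nil
}

// Accept is the resource server's whole decision: a valid token AND a request signed by the key that token is bound to.
func Accept(r Request, asPub ed25519.PublicKey) error {
	key, err := VerifyToken(strings.TrimPrefix(r["authorization"], "Bearer "), asPub)
	if err != nil {
		return err
	}
	return VerifyRequest(r, key)
}

func main() {
	asPub, asPriv, _ := ed25519.GenerateKey(nil) // nil reader means crypto/rand
	agentPub, agentPriv, _ := ed25519.GenerateKey(nil)
	_, thiefPriv, _ := ed25519.GenerateKey(nil)
	tok := IssueToken(asPriv, agentPub, "agent-7") // constructed sample: one agent, one token
	req := Request{"@method": "POST", "@authority": "rs.example", "@path": "/v1/orders", "authorization": "Bearer " + tok}
	_ = SignRequest(req, agentPriv, required, 1700000000, "agent-7")
	fmt.Println("honest agent:", Accept(req, asPub)) // <nil>: accepted
	_ = SignRequest(req, thiefPriv, required, 1700000001, "agent-7") // same token, thief's key
	fmt.Println("stolen token:", Accept(req, asPub)) // non-nil: rejected
}
```

Run it with `go run`. The second call is the point of key binding: the thief holds a perfectly valid token, but the resource server only accepts a request whose HTTP Message Signature verifies under the key the authorization server bound into that token, so the token alone is worthless. Two things a production verifier adds that this one leaves out: it would parse the covered component list from Signature-Input and check it is a superset of what it requires rather than pinning an exact list, and it would bound the `created` parameter against its clock (and remember recent signatures) to limit replay, since a valid signature over the same request line can otherwise be resent until the token expires.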