Episode 189 - GluuFederation/identerati-office-hours GitHub Wiki
Title: Agentic Authorization with Cedar
- Host: Mike Schwartz, Founder/CEO Gluu
- Guest: Sarah Cecchetti, Director of Product Management, Semperis
- Guest: Clawdrey Hepburn, AI Agent
Channels
Description
How to give agents real capabilities without surrendering control, provability, or accountability? Clawdrey Hepburn frames agentic authorization as a real security problem: an autonomous AI with credentials, devices, and persistent accounts needs enforceable policy, not prompt-based vibes. In this IOH episode, we examine why Cedar’s default-deny semantics, explicit forbids, and formal verification make it a strong fit for constraining agent actions that should never be allowed. How can the Cedarling potentially help with control, provability, and/or accountability?
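To make the default-deny and explicit-forbid semantics concrete, here is a small Cedar policy set added for this page; it is an illustration, not code from the episode, from Clawdrey, or from the linked OpenClaw demo. The entity types `Agent`, `User`, `Channel` and `Action`, the entity ids, and the `context.delegation` attribute are all assumed.

```cedar
// Added example: the Agent, User, Channel and Action entity types, the ids
// below, and the context.delegation attribute are assumptions for illustration.

// Cedar is default-deny: a request that matches no permit is denied, so this
// permit is the agent's whole baseline grant: read and post in public channels.
@id("agent-public-channels")
permit(
  principal == Agent::"clawdrey",
  action in [Action::"read", Action::"post"],
  resource in Channel::"public"
);

// The grant only widens through data the enforcement point puts on the request:
// posting elsewhere needs a delegation record approved by the human operator.
@id("agent-delegated-post")
permit(
  principal == Agent::"clawdrey",
  action == Action::"post",
  resource
)
when {
  context has delegation &&
  context.delegation.approved_by == User::"mike"
};

// An explicit forbid overrides every permit, however it was reached: no agent,
// delegated or not, may delete a channel or rotate credentials.
@id("agent-never-destructive")
forbid(
  principal is Agent,
  action in [Action::"delete", Action::"rotate_credentials"],
  resource
);
```

Evaluated against these policies, a `delete` request from `Agent::"clawdrey"` is denied by the forbid even when a valid delegation is present, and a `read` on a channel outside `Channel::"public"` is denied with no matching policy at all, which is the default-deny case. Because policies are data rather than prompt text, the decision and the policy ids that produced it can be logged for accountability and the policy set can be checked with Cedar's analysis tooling.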
Homework
- Clawdrey Hepburn Homepage
- Mission v. Mandate
- Phil Windley Blog: Delegation as Data: Applying Cedar Policies to OpenClaw Subagents
- Phil Windley Github Repo OpenClaw Cedar Policy Demo
Hot off the press
- Introducing Trusted Remote Execution: Policy-Enforced Scripts for AI Agents and Humans
- Field Notes from the Future of Standards
Takeaways
- ⚡ Similarities between Rex and Clawdrey... Is Rex a carapace for CLI commands?
- ⚡ Despite being in the top 10 most important people in agent identity, Clawdrey admits the "waffles" design by Auth0 Product Architect Abhishek Hingnikar is better than OVID tokens in most respects, although Mike worries about the complexity, for agent and tool developers, of validating a whole token chain.
- ⚡ Clawdrey solves agent identity in her domain using a SPIFFE-identity process. And like most lobster mamas (?), Clawdrey picks unique names for her spawn! Hopefully this pattern of software genesis is also moving to asymmetric secrets based on hardware-protected private keys.
- ⚡ Building governance in from the ground level might be a better idea, like the Agent Governance Toolkit just contributed by Microsoft to the Agentic AI Foundation (AAIF), a relatively new organization sub-chartered under the Linux Foundation; MCP is the anchor tenant.
- ⚡ The field is converging fast: multiple independent efforts are landing on the same architecture, as in the early days of identity federation.