Open Agent Auth

Open Agent AuthEnterprise-Grade AI Agent Authorization

Cryptographic identity binding, fine-grained authorization, and semantic audit trails for AI agents operating on behalf of users.

Get Started →

🔐

WIMSE Workload Identity

Request-level isolation with temporary key pairs following the WIMSE protocol. Each user request operates in an independent virtual workload environment.

🔗

Cryptographic Identity Binding

Three-layer cryptographic binding (ID Token → WIT → AOAT) ensures end-to-end identity consistency from user authentication to resource access.

🎯

Dynamic Policy Evaluation

Runtime policy updates with OPA, RAM, ACL, and Scope evaluators — no service restart required. Fine-grained authorization for every agent operation.

🛡️

Multi-Layer Verification

Five-layer security validation at the Resource Server — workload authentication, request integrity, user authentication, identity consistency, and policy evaluation.

📝

Semantic Audit Trail

W3C VC-based verifiable credentials recording complete context from user input to resource operation, enabling transparent and auditable agent operations.

🌐

Standard Protocols

Built on OAuth 2.0, OpenID Connect, WIMSE, and MCP for seamless integration with existing infrastructure and identity providers.

Equal partners. Trust actions.

The social contract for the agent era.

Explore

Jump Right In

Everything you need to integrate enterprise-grade agent authorization.

Quick Start

Get running in 5 minutes with the sample project.

Architecture

Understand the zero-trust security model and token flow.

API Reference

Actors, Executors, and Spring Boot Starter APIs.

Integration Guide

Role-based setup for Agent, AS, and Resource Server.

How It Works

Three-Layer Cryptographic Binding

Every agent operation is authenticated, authorized, and auditable through a standards-based flow.

01

👤

Authenticate

User authenticates via OpenID Connect. The Agent creates a virtual workload with temporary WIMSE credentials, binding user identity to a request-scoped environment.

ID Token → WIT

02

🔐

Authorize

Agent submits an Operation Proposal via OAuth 2.0 PAR. The Authorization Server evaluates policies (OPA / RAM / ACL) and issues an Agent Operation Authorization Token.

WIT → AOAT

03

🛡️

Verify & Execute

Resource Server performs five-layer verification — workload auth, request integrity, user auth, identity consistency, and policy evaluation — then executes the operation.

AOAT + WPT → Result

View Full Authorization Flow →

Why

Built for the AI Agent Era

Traditional authorization wasn't designed for agents acting on behalf of users.

⚠️Traditional Approach

Single-layer authentication — identity ambiguity
Coarse-grained, static permissions
Process-level isolation only
Basic operation logs, no traceability

✅Open Agent Auth

Three-layer cryptographic identity binding
Dynamic policy evaluation (OPA / RAM / ACL)
Request-level virtual workload isolation
W3C VC semantic audit trails

Foundation

Built on Open Standards

Leveraging battle-tested protocols for enterprise-grade security.

OAuth 2.0

Authorization

OpenID Connect

Identity

WIMSE

Workload Identity

W3C VC

Audit Trail

MCP

Tool Protocol

IETF Draft

Agent Auth Spec

Ready to Secure Your AI Agents?

Open Agent Auth is open-source under Apache 2.0. Star us on GitHub, try the sample project, or dive into the docs.

Get Started → ⭐ Star on GitHub