Architecture Documentation
Comprehensive architecture documentation for the Open Agent Auth framework — a standards-based authorization framework for AI agent operations.
Architecture Overview
Documentation Index
Core Architecture
| Module | Description |
|---|---|
| Token Reference | Token types (ID Token, WIT, WPT, PAR-JWT, VC, AOAT), structures, lifecycle, and relationships |
| Identity & Workload | Dual-layer identity model, workload isolation, IDP architecture, identity binding |
| Authorization Flow | OAuth 2.0 + PAR flow, five-layer verification, policy evaluation |
| Security | Cryptographic protection, key management, threat mitigation, audit & compliance |
Protocol & Integration
| Module | Description |
|---|---|
| Agent Authorization Flow | Complete six-phase AOA protocol flow from user authentication to tool execution |
| MCP Protocol Adapter | Model Context Protocol integration with five-layer verification |
| Spring Boot Integration | Autoconfiguration, role detection, bean lifecycle, configuration properties |
| Integration Infrastructure | Key Resolution SPI, Peers Configuration, OAA Configuration Discovery |
Recommended Reading Order
- Token — Understand the six token types and their relationships
- Identity — Learn the dual-layer identity model and workload isolation
- Authorization — Follow the complete authorization flow end-to-end
- Security — Review cryptographic protection and audit mechanisms
- MCP Protocol — See how authorization integrates with MCP tool invocation
- Integration — Configure and deploy with Spring Boot
Related Documentation
- API Documentation — API reference and usage guide
- User Guides — Tutorials and getting started
Maintainer: Open Agent Auth Team Last Updated: 2026-03-03