Access Control
Practical patterns for constraining what AI agents can do, what data they can reach, and how delegated actions stay traceable.
Adjacent tracks
Securing AI Agents with Role-Based Delegation
Secure AI agents with scoped, short-lived roles and RFC 8693 delegation tokens, enforcing least privilege, RBAC+ABAC, audit trails, and centralized governance for compliance.
How Scoped Authorization Secures AI Agents
Scoped OAuth/OIDC tokens give AI agents least-privilege, context-aware access with short lifetimes, audit trails, and revocable just-in-time credentials.
Ultimate Guide to Multi-Tenant AI Systems
Explore the complexities of multi-tenant AI systems, focusing on security, identity management, and compliance challenges.
Delegated Access vs Direct Access: Which to Choose
Explore the differences between Delegated Access and Direct Access for AI agents, focusing on security, efficiency, and compliance considerations.
5 Best Practices for AI Agent Access Control
Explore essential practices for securing AI agents, focusing on identity management, access control, and the importance of human oversight.
Terraforming Access: Why Auth Needs to Be Defined in Code
Infrastructure as Code for Agential Auth
How Impersonation and Delegation Break in Today’s CIAMs for AI-Native Use Cases
Why legacy CIAM models break when AI agents act for users, and how to separate impersonation from safe delegated access.
Designing a DSL for Agent Access Control
Why agent access control needs a policy language teams can version, review, and enforce across runtimes.
Impersonation ≠ Delegation: Don’t Let Agents Spoof Your Users
How to stop AI agents from spoofing user identity by enforcing explicit delegation, scoped access, and auditable actions.
Delegated Access for Agents: What Comes After Tokens
Why delegated access beats static tokens for AI agents, and what a safer handoff model looks like in production.