Flow

Agent verified

The agent's provider — OpenAI, Anthropic, Cursor, or any trusted agent platform — attests to the user's identity at registration time. Your service verifies the attestation and issues credentials synchronously, no human interaction required.

When to use it

  • You already JIT-provision users from OIDC or SAML identity providers — this is the same shape with a different issuer.
  • You want zero-friction registration when the agent has a known user behind it.
  • You're comfortable maintaining a trust list of agent providers and revoking when one rotates keys or is compromised.

How it works

  1. Agent hits your API, gets a 401 with a pointer to your discovery document.
  2. Agent asks the user for consent to assert identity to your service.
  3. Agent requests an audience-specific ID-JAG from its provider.
  4. Agent POSTs the ID-JAG to your /agent/auth endpoint.
  5. Your service verifies the signature against the provider's JWKS, matches the user, and returns credentials.
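
Step 5 in code, as an added example that is not part of this page or of any provider's SDK: a stand-alone Go verifier using only the standard library. It assumes the ID-JAG is a compact JWS signed with ES256, that aud is a single string, and that each trusted provider's JWKS has already been fetched into the trust list; the JWK and Claims field subsets, the trust-list shape and the error strings are the example's own.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"math/big"
	"strings"
)

var b64 = base64.RawURLEncoding // JWT segments are base64url without padding
type JWK struct{ X, Y string } // P-256 coordinates (base64url), the JWKS subset needed here

type Claims struct { // ID-JAG claims acted on; (Iss, Sub, Aud) keys the delegation record
	Iss, Sub, Aud string
	Exp           int64
}

// VerifyIDJAG implements step 5; trusted is the curated trust list: issuer -> JWKS (kid -> key).
func VerifyIDJAG(token, ourAud string, trusted map[string]map[string]JWK, now int64) (c Claims, err error) {
	p := strings.Split(token, ".")
	if len(p) != 3 {
		return c, errors.New("malformed JWT")
	}
	var h struct{ Alg, Kid string }
	hb, _ := b64.DecodeString(p[0])
	cb, _ := b64.DecodeString(p[1])
	sig, _ := b64.DecodeString(p[2])
	if json.Unmarshal(hb, &h) != nil || json.Unmarshal(cb, &c) != nil || len(sig) != 64 {
		return c, errors.New("malformed header, claims, or signature")
	}
	k, ok := trusted[c.Iss][h.Kid] // issuer must be on the trust list and kid in its JWKS
	if !ok || h.Alg != "ES256" { // pin the algorithm: never accept "none" or an HMAC alg
		return c, errors.New("untrusted issuer, unknown kid, or unsupported alg")
	}
	x, _ := b64.DecodeString(k.X)
	y, _ := b64.DecodeString(k.Y)
	pub := &ecdsa.PublicKey{Curve: elliptic.P256(), X: new(big.Int).SetBytes(x), Y: new(big.Int).SetBytes(y)}
	sum := sha256.Sum256([]byte(p[0] + "." + p[1])) // JWS signs the encoded header.payload
	if !ecdsa.Verify(pub, sum[:], new(big.Int).SetBytes(sig[:32]), new(big.Int).SetBytes(sig[32:])) {
		return c, errors.New("signature invalid")
	}
	if c.Aud != ourAud || now >= c.Exp { // audience-specific grant: reject other services' tokens
		return c, errors.New("audience mismatch or expired")
	}
	return c, nil
}
```

On success the returned (Iss, Sub, Aud) triple is what you key the delegation record on; a logout token from the provider for that triple is the revocation signal.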

What you get

  • Synchronous user identity at registration — no OTP, no email round-trip.
  • A delegation record per (iss, sub, aud) that the provider can revoke at any time via a logout token.
  • Standard JWT verification path; integrates with anything that already handles OIDC.

Trade-offs

  • Only works when the agent's provider participates. Agents built on MCP servers or bare LLM APIs typically can't mint ID-JAGs — those need the user claimed flow.
  • You take on the operational responsibility of curating which providers you trust.

Implement it

  • App side: For apps → agent verified flow.
  • Provider side: For agent providers.