The links I’ve got for you this week are meaty — several long papers, all with a strong focus on the intersection of delegation and AI agents. I haven’t fully digested the most recent two myself, having been flying all over creation (and vacationing some). But I wanted to put them all in one place, as much to be a personal reading list as to help spread the word. Getting the subtleties of the D-word right is important to me.

A community group is said to be spinning up at the OpenID Foundation on this topic. I hope all the conversations in the different subcommunities will meet in the middle, sooner rather than later.

Share

ARIA Agent Relationship-Based Identity and Authorization

Published by Patrick Parker on LinkedIn on 2 June 2025

Think of it like giving your assistant your corporate card, but with precise spending limits, time windows, and automatic audit trails.

Patrick published this as a discussion draft just before heading to Identiverse, kicking off a huge discussion — both online and in person. There’s a big role for an OAuth Token Exchange on behalf of (OBO) profile — which doesn’t seem super-interoperable out there, from what I can see, but makes perfect sense conceptually. (N.B.: Patrick mentions “a few patents pending on this”.)

A Novel Zero-Trust Identity Framework for Agentic AI: Decentralized Authentication and Fine-Grained Access Control

Published by Cloud Security Alliance on arXiv on 25 May 2025

The core problem this current paper addresses is the fundamental mismatch between existing IAM paradigms (e.g., OAuth 2.0, OpenID Connect (OIDC), SAML) and the unique characteristics of AI agents in MAS [Multi-Agent Systems].

This framework similarly occasioned a ton of discussion on LinkedIn. It leans heavily on verifiable credentials mechanisms — “third wave” standards, if you will, vs. the “first wave” of SAML and the “second wave” of OAuth. Is the first paper an existence proof of what the second paper claims simply will not work? What is it missing?

Leave a comment

Authenticated Delegation and Authorized AI Agents

Published on arXiv on 16 January 2025

January may seem like an eon ago in AI years! But this paper was timely in exploring many of the same issues covered in depth by the other links, and even compares second- and third-wave approaches. I appreciated both its inclusion of UMA options and its analysis of the “legal grounding for authenticated delegation”.

At its core, agency law determines when a principal may be held liable for the acts of their agent, ensuring that third parties are not unfairly disadvantaged by having to ascertain who holds ultimate responsibility.

Thanks for reading! Just a quick note about Venn Factory Learning: That’s where I’ve just published the 12-page transcript of my talk at SXSW 2025, which centered on Why Identity Matters — the modern conundrum of digital identity for individuals and businesses alike. It’s free to download, so check it out! And you can use code ZZAUTH for 50% off everything else (extended to June 21).