
Why AI Agents Need Their Own Authorization Protocol (and How We Built One)
Every AI agent framework — LangChain, CrewAI, OpenAI Agents SDK, Vercel AI — has the same blind spot: authorization. Your agent can read emails, book meetings, deploy infrastructure, and spend money. But how does it prove it's allowed to?

The answer, for most teams, is an API key with full access stuffed into an environment variable. That's not authorization. That's a breach waiting to happen.

## The problem with API keys for agents

API keys were designed for server-to-server auth. They assume a single trusted caller. AI agents break every one of those assumptions:

- No scoping. The agent has the same permissions as the key owner.
- No consent. The user never approved what the agent can do.
- No per-agent identity. You know the key was used, but not which agent used it, or why.
- No revocation granularity. One agent misbehaves? Rotate the key. That kills every agent sharing it.
- No delegation control. Agent A calls Agent B? You're copy-pasting credentials.
- No spending limits. An agent with a cl
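To make the scoping, per-agent identity and revocation gaps above concrete, here is an added sketch (not the author's protocol, which this excerpt does not show) of short-lived, HMAC-signed credentials bound to one agent and an approved scope list. The agent names, scope strings, signing key and function names are all constructed for illustration.

```python
import base64, hashlib, hmac, json, time

SIGNING_KEY = b"constructed-demo-key"   # constructed; stays with the issuer
REVOKED_AGENTS = set()                  # per-agent revocation list

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()

def issue_token(agent_id, scopes, ttl=300, now=None):
    """Mint a short-lived credential bound to one agent and its approved scopes."""
    now = time.time() if now is None else now
    claims = {"agent": agent_id, "scopes": sorted(scopes), "exp": now + ttl}
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    sig = _b64(hmac.new(SIGNING_KEY, body.encode(), hashlib.sha256).digest())
    return f"{body}.{sig}"

def authorize(token, required_scope, now=None):
    """Return (allowed, reason); the reason names the agent for the audit log."""
    now = time.time() if now is None else now
    try:
        body, sig = token.split(".")
        expected = _b64(hmac.new(SIGNING_KEY, body.encode(), hashlib.sha256).digest())
        if not hmac.compare_digest(sig, expected):
            return False, "bad signature"
        claims = json.loads(base64.urlsafe_b64decode(body))
    except (ValueError, TypeError):
        return False, "malformed token"
    agent = claims["agent"]
    if agent in REVOKED_AGENTS:
        return False, f"{agent}: revoked"
    if now >= claims["exp"]:
        return False, f"{agent}: expired"
    if required_scope not in claims["scopes"]:
        return False, f"{agent}: missing scope {required_scope}"
    return True, f"{agent}: {required_scope} allowed"

def demo():
    mail = issue_token("mail-agent", ["email:read"], now=1000)
    deploy = issue_token("deploy-agent", ["infra:deploy"], now=1000)
    results = [authorize(mail, "email:read", now=1010),       # in scope
               authorize(mail, "infra:deploy", now=1010)]     # out of scope
    REVOKED_AGENTS.add("mail-agent")                          # revoke one agent only
    results += [authorize(mail, "email:read", now=1010),
                authorize(deploy, "infra:deploy", now=1010)]  # unaffected
    return results

if __name__ == "__main__":
    for allowed, reason in demo():
        print(allowed, reason)
```

Revoking `mail-agent` leaves `deploy-agent` working, which a shared API key cannot do; consent, delegation and spending limits are outside this sketch.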



