Replies: 3 comments
-
|
Beta Was this translation helpful? Give feedback.
-
|
For us in the Directory project, it may be useful to integrate Identity services natively within the stack so that users can have both discovery, but also identity services, readily available from one plane. For this, we are searching for easy integration capabilities with Identity, but there are lots of limitations right now. We are proposing addition of new features:
These features would enable us to quickly integrate the deployment into our current stack, but also to integrate functionalities provided by Identity into our codebase using native language bindings. An example flow would enable users to a) store/distribute/discover their agents via their own directory instance, b) provide registration/validation service alongside it that relies on Identity for OASF records out-of-box |
Beta Was this translation helpful? Give feedback.
-
|
I would add I am particularly interested in cross-group collaboration in identity. LFDT and DIF both have trusted agent identity efforts, which are encopmassing of W3C work and align to the Cloud Security Alliance (CSA) Agent IAM framework. Excited to collaborate! |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
We’re exploring where to focus our efforts within the AGNTCY Agent Identity open source project, and we’d love your input on which tracks matter most.
👉 How to vote:
Please copy the options into the comments and then add an emoji reaction to show your view:
👍 = Support / High Priority
👎 = Not a priority
👉 Leadership:
If you’d like to lead or co-lead one of these efforts, please mention that in a reply.
Options:
Dynamic Client Registration
Exploring mechanisms for agents, MCP servers, and tools to dynamically register themselves. This would reduce manual configuration and improve interoperability in distributed environments.
User Context in Tokens & Policy Decisions
How user context can be passed, embedded into tokens, and leveraged in scopes that inform policy decision points. This affects traceability, compliance, and fine-grained authorization.
Agent Identity & Cross-Agent Authentication/Authorization (XAA)
Establishing robust models for agent identity by using Identity Badge for agents and MCP servers, including cross-agent authentication and authorization.
Multi-Factor Authorization for Autonomous Agents
Designing multi-factor verification approaches tailored for autonomous agents, ensuring stronger safeguards without undermining autonomy or usability.
Audit Logs & Standardization
Defining standards for audit logging to capture critical data points such as intent, tasks, delegation chains, and related metadata. This would improve transparency, accountability, and support compliance or forensic analysis. (Potential alignment with MELT-style observability and telemetry frameworks.)
Policy Engine Integration – Exploring tools like Cedarling, OPA, etc. or transparent decision-making.
Any other topics please add.
Beta Was this translation helpful? Give feedback.
All reactions