Skip to main content

AI Agents Track

Use this track when you are building an agent that operates autonomously, chains tool calls, or acts on a user's behalf. OAuth alone was not designed for this — you need an identity for the agent itself, not just the user. By the end of this track you will have a registered agent, scoped capabilities, and just-in-time approval wired in.

Prerequisites

  • A LumoAuth organization with AAuth enabled — sign up
  • Node.js 18+ or Python 3.9+

1. Understand why this matters

Read Why AI Access Control. Key ideas:

  • Agent Registration — every agent is a first-class identity, not a shared API key
  • Scoped Capabilities — agents request specific capabilities (document.read, payments.authorize), not a blanket "admin" role
  • Chain of Agency — token exchange that encodes the full call chain: "Tool → Agent → User"
  • JIT Permissions — human approval in the loop for sensitive operations

2. Register your agent

Follow the Agent Quick Start — register an agent, generate an Ed25519 key pair (Ed25519 is a modern public-key signature algorithm; it is fast and produces short keys), and get your first access token.

3. Pick your framework

FrameworkRegistryJIT
LangChain / LangGraphRegistryJIT
CrewAIRegistryJIT
OpenAI Agents SDKRegistryJIT
AgnoRegistryJIT
Google ADKRegistryJIT
Microsoft Agent FrameworkRegistry

4. Authorize agent actions

  • Ask API — natural-language permission checks, intended for LLM reasoning loops
  • JIT Permissions — request human approval before running a sensitive operation
  • Chain of Agency — used when the agent acts on a user's behalf; built on RFC 8693 Token Exchange

5. Advanced

  • AAuth Protocol — cryptographic agent identity using HTTP Message Signatures (RFC 9421)
  • Workload Federation — use the platform's own workload identity (Kubernetes, AWS, GCP) so the agent never needs a static secret
  • MCP Servers — authorize Model Context Protocol tool calls

Next track