The identity stack for the agentic AI era.

TCTDX Identity is the documentation site for our OAuth 2.1, OpenID Connect, and agent authorization work. The production direction is a manual Rust identity provider plus a managed cloud offering on the IllusionVibe platform.

The current repository includes a Next.js prototype. It proved the product shape, but it is not the security boundary we want to ship. The Rust rewrite is where protocol correctness, proofing, and operations become first-class.

What changes

Auth that understands agents

Model humans, services, tools, and AI agents as separate actors with explicit delegation, session, and consent boundaries.

Less IAM surface area

Replace broad admin-platform sprawl with a small protocol core, typed state machines, and defaults that do not require a dedicated IAM team.

Audit-first development

Every known prototype flaw becomes a rewrite gate, regression test, and public implementation constraint.

Cloud when you want it

The IllusionVibe cloud offering will provide hosted tenants, custom domains, managed keys, audit history, and abuse controls.

Build direction

1. Keep this docs site static on Cloudflare Workers Assets at identity.tctdx.com.
2. Build the Rust provider as a separate runtime with explicit OAuth/OIDC contracts.
3. Turn agent authorization into a product primitive: scoped delegation, tool access, consent, and revocation.
4. Offer the managed path on illusionvibe.com for teams that do not want to operate identity infrastructure.

Read next

Why agentic identity How AI agents change the auth model.

Agent authorization The software primitives we need for delegated agents.

Cloud offering How this becomes an IllusionVibe managed product.

Rust rewrite gates What must be true before the provider is production-ready.