Agent authorization
Agentic systems need auth that explains who is acting, why they are acting, and what they can touch.
Product primitives
Agent identity
Agents should have their own identity records. They are not just API keys and they are not the same as the human who started them.
An agent record should include:
- owner organization,
- creating client,
- allowed tools,
- allowed scopes,
- default token lifetime,
- audit policy,
- revocation state.
Delegated grants
A delegated grant connects a human or organization to an agent for a purpose.
It should include:
- delegator,
- agent,
- client,
- scopes,
- tools,
- purpose text or structured task,
- expiry,
- revocation state,
- audit correlation ID.
Tool authorization
Tools should expose operations that can be granted narrowly. Instead of giving an agent broad account access, the system should grant concrete abilities like calendar.read, ticket.create, or deployment.request.
Agent session
An agent session is a short-lived runtime context derived from a delegated grant. It should be traceable back to the human, organization, client, and policy that created it.
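The four primitives above (agent identity, delegated grant, tool authorization, agent session) fit together as one small data model. The following is an added example, not TCTDX Identity code; every class name, field name and sample record is an assumption derived from the lists in this document. It shows the invariant a practitioner cares about: a grant may narrow what the agent record allows but never widen it, a session expires at the earlier of the grant expiry and the agent's default token lifetime, and every tool call is checked against the session's granted tools and the grant's current revocation state.

```python
"""Agent identity, delegated grant, tool authorization and agent session.
Added example: names, fields and sample records are assumptions, not a real
TCTDX Identity API."""
from dataclasses import dataclass, replace
from datetime import datetime, timedelta, timezone
from uuid import uuid4


class AuthorizationError(Exception):
    """Raised when a session cannot be issued from a grant."""


@dataclass(frozen=True)
class AgentRecord:            # the agent's own identity record
    agent_id: str
    owner_org: str
    creating_client: str
    allowed_tools: frozenset
    allowed_scopes: frozenset
    default_token_lifetime: timedelta
    audit_policy: str
    revoked: bool = False


@dataclass(frozen=True)
class DelegatedGrant:         # human/org -> agent, for a stated purpose
    grant_id: str
    delegator: str
    agent_id: str
    client: str
    scopes: frozenset
    tools: frozenset
    purpose: str
    expires_at: datetime
    audit_correlation_id: str
    revoked: bool = False


@dataclass(frozen=True)
class AgentSession:           # short-lived runtime context derived from a grant
    session_id: str
    grant_id: str
    agent_id: str
    delegator: str
    owner_org: str
    client: str
    scopes: frozenset
    tools: frozenset
    audit_correlation_id: str
    expires_at: datetime


def issue_session(agent: AgentRecord, grant: DelegatedGrant, now: datetime) -> AgentSession:
    """Derive a session, refusing anything the agent record or grant state forbids."""
    if agent.revoked:
        raise AuthorizationError("agent revoked")
    if grant.revoked:
        raise AuthorizationError("grant revoked")
    if grant.agent_id != agent.agent_id:
        raise AuthorizationError("grant names a different agent")
    if now >= grant.expires_at:
        raise AuthorizationError("grant expired")
    # A grant may narrow the agent's abilities but never widen them.
    if not grant.scopes <= agent.allowed_scopes:
        raise AuthorizationError(f"scopes not allowed for agent: {sorted(grant.scopes - agent.allowed_scopes)}")
    if not grant.tools <= agent.allowed_tools:
        raise AuthorizationError(f"tools not allowed for agent: {sorted(grant.tools - agent.allowed_tools)}")
    # Session lifetime is bounded by both the grant and the agent's default token lifetime.
    expires_at = min(grant.expires_at, now + agent.default_token_lifetime)
    return AgentSession(
        session_id=str(uuid4()), grant_id=grant.grant_id, agent_id=agent.agent_id,
        delegator=grant.delegator, owner_org=agent.owner_org, client=grant.client,
        scopes=grant.scopes, tools=grant.tools,
        audit_correlation_id=grant.audit_correlation_id, expires_at=expires_at,
    )


def authorize_tool_call(session: AgentSession, grant: DelegatedGrant, tool: str, now: datetime) -> bool:
    """Per-call check: session still live, grant not revoked since issuance, tool granted."""
    if now >= session.expires_at or grant.revoked:
        return False
    return tool in session.tools


# Constructed sample records (not real data).
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
LATER = NOW + timedelta(minutes=16)
TRIAGE_AGENT = AgentRecord(
    agent_id="agent-triage", owner_org="org-example", creating_client="client-helpdesk",
    allowed_tools=frozenset({"calendar.read", "ticket.create", "deployment.request"}),
    allowed_scopes=frozenset({"calendar:read", "tickets:write"}),
    default_token_lifetime=timedelta(minutes=15), audit_policy="log-all-tool-calls",
)
ALICE_GRANT = DelegatedGrant(
    grant_id="grant-001", delegator="user-alice", agent_id="agent-triage",
    client="client-helpdesk", scopes=frozenset({"tickets:write"}),
    tools=frozenset({"ticket.create"}), purpose="File a ticket for the outage Alice reported",
    expires_at=NOW + timedelta(hours=1), audit_correlation_id="corr-abc123",
)
# A grant that asks for a scope the agent record never allowed: must be refused.
OVERBROAD_GRANT = replace(ALICE_GRANT, grant_id="grant-002",
                          scopes=frozenset({"tickets:write", "admin:all"}))
REVOKED_GRANT = replace(ALICE_GRANT, grant_id="grant-003", revoked=True)
```

Note that the session carries the delegator, owner organization, client, grant ID and audit correlation ID, so any log line written for a tool call can be traced back to the human, organization, client and policy that produced it. Revocation is checked both at issuance and at every call, so revoking a grant takes effect before the session's own expiry.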
Why this is different
Traditional IAM often treats automation as service accounts. Agentic software needs a more precise model because an agent may act for many users, across many tools, with task-specific authority. TCTDX Identity should make that precision the default.