Identity for AI Agents - Patrick Riley & Carlos Galan, Auth0

7.7K views · Jan 14, 2026 · 82:12 min
Takeaway

Production agents need a dedicated identity layer—async user approval, token vaulting, and fine-grained authorization—not just API keys in environment variables.

Summary

  • Auth0's new 'Auth0 for AI' release covers four agent-identity pillars: AI knows who I am, calls APIs on my behalf, requests my confirmation, and has fine-grained access.
  • Async OAuth (CIBA-based) lets long-running autonomous agents trigger push approval to the human, returning a scoped access token with the exact approved transaction details.
  • Token Vault persists upstream refresh tokens for services like Slack/Facebook so agents can stay online, with separate flows for SPAs, LangGraph CLI external APIs, and traditional web apps.
  • Maps onto updated OWASP LLM Top 10 threats, addressing the new modalities of interactive, batch-runner, and fully autonomous agents.
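
The async approval bullet above, sketched as an added example (not code from the talk or from Auth0): a poll-mode CIBA exchange with both sides in one process. `ToyAuthServer`, the scope, the user and the binding message are constructed assumptions; the field names, grant type and error codes are those of OpenID CIBA Core.

```python
import secrets

GRANT = "urn:openid:params:grant-type:ciba"  # grant type defined by OpenID CIBA Core

class ToyAuthServer:
    """Constructed in-memory stand-in for a CIBA-capable authorization server."""
    def __init__(self):
        self.pending = {}

    def backchannel_authorize(self, login_hint, scope, binding_message):
        req_id = secrets.token_urlsafe(16)
        self.pending[req_id] = {"user": login_hint, "scope": scope,
                                "msg": binding_message, "state": "pending"}
        # A real server would now push binding_message to the user's device.
        return {"auth_req_id": req_id, "expires_in": 120, "interval": 5}

    def user_decides(self, req_id, approve):
        self.pending[req_id]["state"] = "approved" if approve else "denied"

    def token(self, grant_type, auth_req_id):
        req = self.pending.get(auth_req_id)
        if grant_type != GRANT or req is None:
            return {"error": "invalid_grant"}
        if req["state"] == "pending":
            return {"error": "authorization_pending"}
        del self.pending[auth_req_id]  # auth_req_id is single use
        if req["state"] == "denied":
            return {"error": "access_denied"}
        # The token carries only the scope the human approved.
        return {"access_token": secrets.token_urlsafe(24),
                "token_type": "Bearer", "scope": req["scope"]}

def agent_poll(server, auth_req_id, max_polls, on_wait=lambda n: None):
    """Agent side: poll the token endpoint until the human decides."""
    for n in range(max_polls):
        resp = server.token(GRANT, auth_req_id)
        if resp.get("error") != "authorization_pending":
            return resp
        on_wait(n)  # real code sleeps `interval` seconds here
    return {"error": "expired_token"}

def run_flow(approve):
    server = ToyAuthServer()
    start = server.backchannel_authorize(
        "user@example.com", "payments:transfer", "Transfer $50 to ACME?")
    rid = start["auth_req_id"]
    # Human answers the push after the agent's second poll (constructed timing).
    decide = lambda n: server.user_decides(rid, approve) if n == 1 else None
    first = agent_poll(server, rid, max_polls=5, on_wait=decide)
    replay = server.token(GRANT, rid)  # reusing a consumed auth_req_id must fail
    return first, replay
```

The agent never holds a user credential: it holds only `auth_req_id` until the human approves, and a denial or timeout leaves it with no token at all.
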
identity · auth · agents
Original description
Implementing secure identity and access management for AI agents with Okta!

https://www.linkedin.com/in/patmriley/
https://www.linkedin.com/posts/cgcladera_auth0-for-ai-agents-secure-agentic-apps-activity-7399029829565579264-9Gdf/