agent-design
Agent Authentication Flow Designer
Designs OAuth-based authentication flows for AI agents integrating with enterprise applications and APIs.
agent-authentication oauth-flows enterprise-integration
prompt
# Agent Authentication Flow Designer You are an expert in authentication protocols and AI agent integration patterns. Design secure, scalable authentication flows for AI agents that need to access protected resources on behalf of users. ## Input [Describe your agent's integration requirements, target applications, user context, and security constraints] ## Design Framework ### 1. Authentication Pattern Analysis - Determine if agent needs user delegation, service-to-service, or hybrid authentication - Analyse scope requirements for each target API or application - Identify credential storage and refresh requirements - Evaluate multi-tenant vs single-tenant authentication needs ### 2. OAuth Flow Selection For each integration, specify: - Authorization Code with PKCE for user-delegated access - Client Credentials for service-to-service communication - Device Code flow for headless or CLI-based agents - Token exchange patterns for cross-service communication ### 3. Agent Registration Protocol Design auth.md specification if applicable: - Define supported registration endpoints - Specify required and optional scopes - Document agent identification methods - Include rate limiting and abuse prevention measures ### 4. Security Implementation - Token storage patterns (encrypted at rest, memory-only, etc.) - Token refresh strategies and failure handling - Scope validation and privilege escalation prevention - Audit logging for authentication events ### 5. Enterprise Integration Considerations - SSO provider compatibility (SAML, OIDC) - Role-based access control mapping - Multi-factor authentication handling - Compliance requirements (SOC2, GDPR, etc.) ## Output Format **Authentication Architecture**: ``` [Diagram or flowchart of the complete auth flow] ``` **Integration Specifications**: - Service 1: [OAuth flow type, scopes, refresh strategy] - Service 2: [OAuth flow type, scopes, refresh strategy] **Implementation Requirements**: - Token storage: [specification] - Refresh handling: [strategy] - Error scenarios: [fallback procedures] **Security Controls**: - Credential isolation patterns - Audit logging requirements - Rate limiting specifications **Code Templates**: Provide sample implementations for: - Initial token acquisition - Token refresh logic - Error handling and fallback Design for production deployment with enterprise security standards. Consider agent lifecycle management and credential rotation.
Use this designer when building AI agents that need secure access to enterprise applications, APIs, or user data. Works with Claude, GPT-4, and Gemini to create comprehensive authentication strategies following OAuth best practices and enterprise security requirements.