Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Auth0 for AI Agents
Search
Deepu K Sasidharan
September 24, 2025
Programming
100
1
Share
Auth0 for AI Agents
How to use OAuth to access third party services from an AI agent
by Deepu K Sasidharan
Deepu K Sasidharan
September 24, 2025
More Decks by Deepu K Sasidharan
See All by Deepu K Sasidharan
Delay the AI Overlords: How OAuth and OpenFGA Can Keep Your AI Agents from Going Rogue
deepu105
0
37
Delay the AI Overlords: How OAuth and OpenFGA Can Keep Your AI Agents from Going Rogue
deepu105
0
52
Auth for MCP: Secure MCP servers using OAuth
deepu105
0
53
Securing the Future of AI: Authorization Strategies for RAG Systems using LangChain4J and OpenFGA
deepu105
0
130
Demystifying OAuth and OIDC: JFokus
deepu105
1
190
Mastering Kubernetes Security from Containers to Cluster Fortresses
deepu105
1
110
Go containerless on Kubernetes
deepu105
1
150
A Passwordless Future! Passkeys for Java Developers
deepu105
0
200
Go containerless on Kubernetes with WebAssembly and Rust
deepu105
0
86
Other Decks in Programming
See All in Programming
JAWS-UG横浜 #100 祝・第100回スペシャル AWS は VPC レスの時代へ
maroon1st
0
200
2026年のソフトウェア開発を考える(2026/05版) / Software Engineering Scrum Fest Niigata 2026 Edition
twada
PRO
18
6.2k
感情を設計する
ichimichi
5
1.6k
Agentic Elixir
whatyouhide
0
420
From Formal Specification to Property Based Test
ohbarye
0
520
Claude CodeでETLジョブ実行テストを自動化してみた
yoshikikasama
0
1.1k
mruby on C#: From VM Implementation to Game Scripting (RubyKaigi 2026)
hadashia
2
1.2k
Claude Code × Gemini × Ebitengine ゲーム制作素人WebエンジニアがGoでゲームを作った話
webzawa
0
210
AWSコミュニティ活動は顧客のクラウド推進に効くのか / Do AWS community activities help customers adopt the cloud?
seike460
PRO
0
160
iOS機能開発のAI環境と起きた変化
ryunakayama
0
190
Don't Prompt Harder, Structure Better
kitasuke
0
800
Liberating Ruby's Parser from Lexer Hacks
ydah
2
2.3k
Featured
See All Featured
Reflections from 52 weeks, 52 projects
jeffersonlam
356
21k
職位にかかわらず全員がリーダーシップを発揮するチーム作り / Building a team where everyone can demonstrate leadership regardless of position
madoxten
62
53k
Unlocking the hidden potential of vector embeddings in international SEO
frankvandijk
0
780
StorybookのUI Testing Handbookを読んだ
zakiyama
31
6.7k
Statistics for Hackers
jakevdp
799
230k
4 Signs Your Business is Dying
shpigford
187
22k
The Art of Programming - Codeland 2020
erikaheidi
57
14k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
10
1.1k
The Curious Case for Waylosing
cassininazir
0
330
<Decoding/> the Language of Devs - We Love SEO 2024
nikkihalliwell
1
200
Making Projects Easy
brettharned
120
6.6k
Thoughts on Productivity
jonyablonski
76
5.1k
Transcript
Auth0 for AI Agents How to use OAuth to access
third party services from an AI agent Deepu K Sasidharan
@auth0 | @deepu105 | deepu.tech ➔ OSS aficionado, polyglot dev,
author, speaker ➔ JHipster co-chair ➔ Creator of KDash, JDL Studio, JWT UI ➔ Developer Advocate @ Auth0 ➔ Java Champion Hi, I’m Deepu Sasidharan @
[email protected]
deepu.tech @deepu105.bsky.social deepu05
@auth0 | @deepu105 | deepu.tech The Current State of AI
Security Agents, RAG and everything in between
@auth0 | @deepu105 | deepu.tech • Prompt Injection • Sensitive
Information Disclosure • Supply Chain Attacks • Data and Model Poisoning • Improper Output Handling • Excessive Agency • System Prompt Leakage • Vector and Embedding Weaknesses • Misinformation • Unbounded Consumption OWASP LLM top 10
@auth0 | @deepu105 | deepu.tech • Prompt Injection • Sensitive
Information Disclosure • Supply Chain Attacks • Data and Model Poisoning • Improper Output Handling • Excessive Agency • System Prompt Leakage • Vector and Embedding Weaknesses • Misinformation • Unbounded Consumption OWASP LLM top 10
@auth0 | @deepu105 | deepu.tech Identity Challenges for AI-Powered Applications
@auth0 | @deepu105 | deepu.tech • Prompt Injection • Sensitive
Information Disclosure • Supply Chain Attacks • Data and Model Poisoning • Improper Output Handling • Excessive Agency • System Prompt Leakage • Vector and Embedding Weaknesses • Misinformation • Unbounded Consumption OWASP LLM top 10
@auth0 | @deepu105 | deepu.tech Excessive Agency
@auth0 | @deepu105 | deepu.tech Security Challenges Calling APIs Human-in-the-loop
@auth0 | @deepu105 | deepu.tech How to prevent this?
@auth0 | @deepu105 | deepu.tech Calling APIs?
@auth0 | @deepu105 | deepu.tech export const getInfoFromAPI = tool({
description: 'Get information from my own API.' , parameters: z.object({}), execute: async () => { const session = await auth0.getSession(); if (!session) { return 'There is no user logged in.' ; } const response = await fetch(`https://my-own-api` , { headers: { Authorization: `Bearer ${session.tokenSet.accessToken}`, }, }); if (response.ok) { return { result: await response.json() }; } return "I couldn't verify your identity" ; }, }); Call First Party APIs with OAuth
@auth0 | @deepu105 | deepu.tech Third Party APIs?
@auth0 | @deepu105 | deepu.tech OAuth Federation
@auth0 | @deepu105 | deepu.tech Auth0 Token Vault
@auth0 | @deepu105 | deepu.tech
@auth0 | @deepu105 | deepu.tech // Connection for Google services
export const withGoogleConnection = auth0AI.withTokenForConnection ({ connection : 'google-oauth2' , scopes: ['https://www.googleapis.com/auth/calendar.events' ], refreshToken : getRefreshToken , }); // Wrapped tool export const checkUsersCalendarTool = withGoogleConnection ( tool({ description : 'Check user availability on a given date time on their calendar' , parameters : z.object({ date: z.coerce.date() }), execute: async ({ date }) => { // Get the access token from Auth0 AI const accessToken = await getAccessToken (); // Google SDK const calendar = getGoogleCalendar (accessToken ); const response = await calendar .freebusy .query({ auth, requestBody : { timeMin: formatISO (date), timeMax: addHours (date, 1).toISOString (), timeZone : 'UTC', items: [{ id: 'primary' }], }, }); return response .data?.calendars ?.primary?.busy?.length, }; }, }), ); Call Third Party APIs With Auth0 Token Vault
@auth0 | @deepu105 | deepu.tech Human-in-the-loop?
@auth0 | @deepu105 | deepu.tech Async Authorizations with CIBA Client-Initiated
Backchannel Authentication Flow
@auth0 | @deepu105 | deepu.tech
@auth0 | @deepu105 | deepu.tech export const withAsyncAuthorization = auth0AI.withAsyncUserConfirmation({
userID: async () => { const user = await getUser(); return user?.sub as string; }, bindingMessage: async ({ product, qty }) => `Do you want to buy ${qty} of ${product}`, scopes: ['openid', 'product:buy'], audience: process.env['AUDIENCE']!, onUnauthorized: async (e: Error) => { if (e instanceof AccessDeniedInterrupt) { return 'The user has denied the request'; } return e.message; }, }); export const shopOnlineTool = withAsyncAuthorization( tool({ description: 'Tool to buy products online', parameters: z.object({ product: z.string(), qty: z.number() }), execute: async ({ product, qty, priceLimit }) => { const credentials = getCIBACredentials(); const accessToken = credentials?.accessToken; // Use access token to call first party APIs return `Ordering ${qty} ${product} with price limit ${priceLimit}`; }, }), ); Async AuthZ with Auth0
@auth0 | @deepu105 | deepu.tech Assistant0 github.com/auth0-samples/auth0- assistant0
@auth0 | @deepu105 | deepu.tech
@auth0 | @deepu105 | deepu.tech Auth for GenAI a0.to/ai-event
@auth0 | @deepu105 | deepu.tech AI Content from Auth0 https://auth0.com/blog/ai/
Thank You
deepu105
maroon1st
twada
ichimichi
whatyouhide
ohbarye
yoshikikasama
hadashia
webzawa
seike460
ryunakayama
kitasuke
ydah
jeffersonlam
madoxten
frankvandijk
zakiyama
jakevdp
shpigford
erikaheidi
addyosmani
cassininazir
nikkihalliwell
brettharned
jonyablonski
