Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Auth0 for AI Agents
Search
Deepu K Sasidharan
September 24, 2025
Programming
1
52
Auth0 for AI Agents
How to use OAuth to access third party services from an AI agent
by Deepu K Sasidharan
Deepu K Sasidharan
September 24, 2025
Tweet
Share
More Decks by Deepu K Sasidharan
See All by Deepu K Sasidharan
Delay the AI Overlords: How OAuth and OpenFGA Can Keep Your AI Agents from Going Rogue
deepu105
0
15
Delay the AI Overlords: How OAuth and OpenFGA Can Keep Your AI Agents from Going Rogue
deepu105
0
20
Auth for MCP: Secure MCP servers using OAuth
deepu105
0
17
Securing the Future of AI: Authorization Strategies for RAG Systems using LangChain4J and OpenFGA
deepu105
0
77
Demystifying OAuth and OIDC: JFokus
deepu105
1
130
Mastering Kubernetes Security from Containers to Cluster Fortresses
deepu105
1
81
Go containerless on Kubernetes
deepu105
1
120
A Passwordless Future! Passkeys for Java Developers
deepu105
0
140
Go containerless on Kubernetes with WebAssembly and Rust
deepu105
0
70
Other Decks in Programming
See All in Programming
なぜGoのジェネリクスはこの形なのか? - Featherweight Goが明かす設計の核心
qualiarts
0
250
実践Claude Code:20の失敗から学ぶAIペアプログラミング
takedatakashi
18
8.5k
The Past, Present, and Future of Enterprise Java
ivargrimstad
0
470
O Que É e Como Funciona o PHP-FPM?
marcelgsantos
0
200
Cursorハンズオン実践!
eltociear
2
1.2k
One Enishi After Another
snoozer05
PRO
0
160
エンジニアインターン「Treasure」とHonoの2年、そして未来へ / Our Journey with Hono Two Years at Treasure and Beyond
carta_engineering
0
420
NIKKEI Tech Talk#38
cipepser
0
230
Building, Deploying, and Monitoring Ruby Web Applications with Falcon (Kaigi on Rails 2025)
ioquatix
4
2.5k
CSC509 Lecture 07
javiergs
PRO
0
240
AI Agent 時代的開發者生存指南
eddie
4
2.1k
Foundation Modelsを実装日本語学習アプリを作ってみた!
hypebeans
1
130
Featured
See All Featured
Testing 201, or: Great Expectations
jmmastey
45
7.7k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
26
3.1k
GraphQLの誤解/rethinking-graphql
sonatard
73
11k
Building Adaptive Systems
keathley
44
2.8k
How STYLIGHT went responsive
nonsquared
100
5.8k
Reflections from 52 weeks, 52 projects
jeffersonlam
353
21k
How to train your dragon (web standard)
notwaldorf
97
6.3k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
285
14k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
333
22k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
658
61k
Fantastic passwords and where to find them - at NoRuKo
philnash
52
3.5k
Intergalactic Javascript Robots from Outer Space
tanoku
272
27k
Transcript
Auth0 for AI Agents How to use OAuth to access
third party services from an AI agent Deepu K Sasidharan
@auth0 | @deepu105 | deepu.tech ➔ OSS aficionado, polyglot dev,
author, speaker ➔ JHipster co-chair ➔ Creator of KDash, JDL Studio, JWT UI ➔ Developer Advocate @ Auth0 ➔ Java Champion Hi, I’m Deepu Sasidharan @
[email protected]
deepu.tech @deepu105.bsky.social deepu05
@auth0 | @deepu105 | deepu.tech The Current State of AI
Security Agents, RAG and everything in between
@auth0 | @deepu105 | deepu.tech • Prompt Injection • Sensitive
Information Disclosure • Supply Chain Attacks • Data and Model Poisoning • Improper Output Handling • Excessive Agency • System Prompt Leakage • Vector and Embedding Weaknesses • Misinformation • Unbounded Consumption OWASP LLM top 10
@auth0 | @deepu105 | deepu.tech • Prompt Injection • Sensitive
Information Disclosure • Supply Chain Attacks • Data and Model Poisoning • Improper Output Handling • Excessive Agency • System Prompt Leakage • Vector and Embedding Weaknesses • Misinformation • Unbounded Consumption OWASP LLM top 10
@auth0 | @deepu105 | deepu.tech Identity Challenges for AI-Powered Applications
@auth0 | @deepu105 | deepu.tech • Prompt Injection • Sensitive
Information Disclosure • Supply Chain Attacks • Data and Model Poisoning • Improper Output Handling • Excessive Agency • System Prompt Leakage • Vector and Embedding Weaknesses • Misinformation • Unbounded Consumption OWASP LLM top 10
@auth0 | @deepu105 | deepu.tech Excessive Agency
@auth0 | @deepu105 | deepu.tech Security Challenges Calling APIs Human-in-the-loop
@auth0 | @deepu105 | deepu.tech How to prevent this?
@auth0 | @deepu105 | deepu.tech Calling APIs?
@auth0 | @deepu105 | deepu.tech export const getInfoFromAPI = tool({
description: 'Get information from my own API.' , parameters: z.object({}), execute: async () => { const session = await auth0.getSession(); if (!session) { return 'There is no user logged in.' ; } const response = await fetch(`https://my-own-api` , { headers: { Authorization: `Bearer ${session.tokenSet.accessToken}`, }, }); if (response.ok) { return { result: await response.json() }; } return "I couldn't verify your identity" ; }, }); Call First Party APIs with OAuth
@auth0 | @deepu105 | deepu.tech Third Party APIs?
@auth0 | @deepu105 | deepu.tech OAuth Federation
@auth0 | @deepu105 | deepu.tech Auth0 Token Vault
@auth0 | @deepu105 | deepu.tech
@auth0 | @deepu105 | deepu.tech // Connection for Google services
export const withGoogleConnection = auth0AI.withTokenForConnection ({ connection : 'google-oauth2' , scopes: ['https://www.googleapis.com/auth/calendar.events' ], refreshToken : getRefreshToken , }); // Wrapped tool export const checkUsersCalendarTool = withGoogleConnection ( tool({ description : 'Check user availability on a given date time on their calendar' , parameters : z.object({ date: z.coerce.date() }), execute: async ({ date }) => { // Get the access token from Auth0 AI const accessToken = await getAccessToken (); // Google SDK const calendar = getGoogleCalendar (accessToken ); const response = await calendar .freebusy .query({ auth, requestBody : { timeMin: formatISO (date), timeMax: addHours (date, 1).toISOString (), timeZone : 'UTC', items: [{ id: 'primary' }], }, }); return response .data?.calendars ?.primary?.busy?.length, }; }, }), ); Call Third Party APIs With Auth0 Token Vault
@auth0 | @deepu105 | deepu.tech Human-in-the-loop?
@auth0 | @deepu105 | deepu.tech Async Authorizations with CIBA Client-Initiated
Backchannel Authentication Flow
@auth0 | @deepu105 | deepu.tech
@auth0 | @deepu105 | deepu.tech export const withAsyncAuthorization = auth0AI.withAsyncUserConfirmation({
userID: async () => { const user = await getUser(); return user?.sub as string; }, bindingMessage: async ({ product, qty }) => `Do you want to buy ${qty} of ${product}`, scopes: ['openid', 'product:buy'], audience: process.env['AUDIENCE']!, onUnauthorized: async (e: Error) => { if (e instanceof AccessDeniedInterrupt) { return 'The user has denied the request'; } return e.message; }, }); export const shopOnlineTool = withAsyncAuthorization( tool({ description: 'Tool to buy products online', parameters: z.object({ product: z.string(), qty: z.number() }), execute: async ({ product, qty, priceLimit }) => { const credentials = getCIBACredentials(); const accessToken = credentials?.accessToken; // Use access token to call first party APIs return `Ordering ${qty} ${product} with price limit ${priceLimit}`; }, }), ); Async AuthZ with Auth0
@auth0 | @deepu105 | deepu.tech Assistant0 github.com/auth0-samples/auth0- assistant0
@auth0 | @deepu105 | deepu.tech
@auth0 | @deepu105 | deepu.tech Auth for GenAI a0.to/ai-event
@auth0 | @deepu105 | deepu.tech AI Content from Auth0 https://auth0.com/blog/ai/
Thank You