Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Auth0 for AI Agents
Search
Deepu K Sasidharan
September 24, 2025
Programming
120
1
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Auth0 for AI Agents
How to use OAuth to access third party services from an AI agent
by Deepu K Sasidharan
Deepu K Sasidharan
September 24, 2025
More Decks by Deepu K Sasidharan
See All by Deepu K Sasidharan
Delay the AI Overlords: How OAuth and OpenFGA Can Keep Your AI Agents from Going Rogue
deepu105
0
51
Delay the AI Overlords: How OAuth and OpenFGA Can Keep Your AI Agents from Going Rogue
deepu105
0
74
Auth for MCP: Secure MCP servers using OAuth
deepu105
0
71
Securing the Future of AI: Authorization Strategies for RAG Systems using LangChain4J and OpenFGA
deepu105
0
140
Demystifying OAuth and OIDC: JFokus
deepu105
1
200
Mastering Kubernetes Security from Containers to Cluster Fortresses
deepu105
1
130
Go containerless on Kubernetes
deepu105
1
160
A Passwordless Future! Passkeys for Java Developers
deepu105
0
210
Go containerless on Kubernetes with WebAssembly and Rust
deepu105
0
110
Other Decks in Programming
See All in Programming
AI がコードを書く時代における新卒エンジニアの仕事風景 (2026) / New Graduate Engineers in the Era of AI Coding (2026)
sushichan044
0
200
鹿野さんに聞く!『TypeScriptコードレシピ集』で磨く実践力
tonkotsuboy_com
4
990
例外の正しい扱い方 そのエラー try-catchして大丈夫?
jinwatanabe
0
320
AIキャラアプリkaiwaの低遅延音声通話基盤をどう作ったか - AWS Gravitonで支える低遅延・低コストAI Agent基盤
mogamit
0
150
キャリア迷子上等 ─ "ない道"は自分で作ればいい
16bitidol
3
2.7k
Observability in Practice:Grafana 與 Edge Device SRE 的那些事
blueswen
0
190
SLOをサービス品質の共通言語にするために 取り組んできたこと
wakana0222
0
300
決定論的オーケストレーションの設計と実装 / Design and Implementation of Deterministic Orchestration
nrslib
4
1.6k
OS アップデート対応の取り組み方がもっと共有されてほしい
andpad
0
110
Agentic UI
manfredsteyer
PRO
0
220
dRuby over BLE
makicamel
2
400
正しくソフトウェアを作る、前提を疑うための認知の視点 / doubt-premise
minodriven
21
7.2k
Featured
See All Featured
Leo the Paperboy
mayatellez
8
1.9k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
31
2.8k
How to audit for AI Accessibility on your Front & Back End
davetheseo
0
460
Designing for Timeless Needs
cassininazir
1
270
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
254
22k
The State of eCommerce SEO: How to Win in Today's Products SERPs - #SEOweek
aleyda
2
11k
Mozcon NYC 2025: Stop Losing SEO Traffic
samtorres
1
270
Google's AI Overviews - The New Search
badams
0
1.1k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
17k
A better future with KSS
kneath
240
18k
Introduction to Domain-Driven Design and Collaborative software design
baasie
1
880
The Curse of the Amulet
leimatthew05
2
13k
Transcript
Auth0 for AI Agents How to use OAuth to access
third party services from an AI agent Deepu K Sasidharan
@auth0 | @deepu105 | deepu.tech ➔ OSS aficionado, polyglot dev,
author, speaker ➔ JHipster co-chair ➔ Creator of KDash, JDL Studio, JWT UI ➔ Developer Advocate @ Auth0 ➔ Java Champion Hi, I’m Deepu Sasidharan @
[email protected]
deepu.tech @deepu105.bsky.social deepu05
@auth0 | @deepu105 | deepu.tech The Current State of AI
Security Agents, RAG and everything in between
@auth0 | @deepu105 | deepu.tech • Prompt Injection • Sensitive
Information Disclosure • Supply Chain Attacks • Data and Model Poisoning • Improper Output Handling • Excessive Agency • System Prompt Leakage • Vector and Embedding Weaknesses • Misinformation • Unbounded Consumption OWASP LLM top 10
@auth0 | @deepu105 | deepu.tech • Prompt Injection • Sensitive
Information Disclosure • Supply Chain Attacks • Data and Model Poisoning • Improper Output Handling • Excessive Agency • System Prompt Leakage • Vector and Embedding Weaknesses • Misinformation • Unbounded Consumption OWASP LLM top 10
@auth0 | @deepu105 | deepu.tech Identity Challenges for AI-Powered Applications
@auth0 | @deepu105 | deepu.tech • Prompt Injection • Sensitive
Information Disclosure • Supply Chain Attacks • Data and Model Poisoning • Improper Output Handling • Excessive Agency • System Prompt Leakage • Vector and Embedding Weaknesses • Misinformation • Unbounded Consumption OWASP LLM top 10
@auth0 | @deepu105 | deepu.tech Excessive Agency
@auth0 | @deepu105 | deepu.tech Security Challenges Calling APIs Human-in-the-loop
@auth0 | @deepu105 | deepu.tech How to prevent this?
@auth0 | @deepu105 | deepu.tech Calling APIs?
@auth0 | @deepu105 | deepu.tech export const getInfoFromAPI = tool({
description: 'Get information from my own API.' , parameters: z.object({}), execute: async () => { const session = await auth0.getSession(); if (!session) { return 'There is no user logged in.' ; } const response = await fetch(`https://my-own-api` , { headers: { Authorization: `Bearer ${session.tokenSet.accessToken}`, }, }); if (response.ok) { return { result: await response.json() }; } return "I couldn't verify your identity" ; }, }); Call First Party APIs with OAuth
@auth0 | @deepu105 | deepu.tech Third Party APIs?
@auth0 | @deepu105 | deepu.tech OAuth Federation
@auth0 | @deepu105 | deepu.tech Auth0 Token Vault
@auth0 | @deepu105 | deepu.tech
@auth0 | @deepu105 | deepu.tech // Connection for Google services
export const withGoogleConnection = auth0AI.withTokenForConnection ({ connection : 'google-oauth2' , scopes: ['https://www.googleapis.com/auth/calendar.events' ], refreshToken : getRefreshToken , }); // Wrapped tool export const checkUsersCalendarTool = withGoogleConnection ( tool({ description : 'Check user availability on a given date time on their calendar' , parameters : z.object({ date: z.coerce.date() }), execute: async ({ date }) => { // Get the access token from Auth0 AI const accessToken = await getAccessToken (); // Google SDK const calendar = getGoogleCalendar (accessToken ); const response = await calendar .freebusy .query({ auth, requestBody : { timeMin: formatISO (date), timeMax: addHours (date, 1).toISOString (), timeZone : 'UTC', items: [{ id: 'primary' }], }, }); return response .data?.calendars ?.primary?.busy?.length, }; }, }), ); Call Third Party APIs With Auth0 Token Vault
@auth0 | @deepu105 | deepu.tech Human-in-the-loop?
@auth0 | @deepu105 | deepu.tech Async Authorizations with CIBA Client-Initiated
Backchannel Authentication Flow
@auth0 | @deepu105 | deepu.tech
@auth0 | @deepu105 | deepu.tech export const withAsyncAuthorization = auth0AI.withAsyncUserConfirmation({
userID: async () => { const user = await getUser(); return user?.sub as string; }, bindingMessage: async ({ product, qty }) => `Do you want to buy ${qty} of ${product}`, scopes: ['openid', 'product:buy'], audience: process.env['AUDIENCE']!, onUnauthorized: async (e: Error) => { if (e instanceof AccessDeniedInterrupt) { return 'The user has denied the request'; } return e.message; }, }); export const shopOnlineTool = withAsyncAuthorization( tool({ description: 'Tool to buy products online', parameters: z.object({ product: z.string(), qty: z.number() }), execute: async ({ product, qty, priceLimit }) => { const credentials = getCIBACredentials(); const accessToken = credentials?.accessToken; // Use access token to call first party APIs return `Ordering ${qty} ${product} with price limit ${priceLimit}`; }, }), ); Async AuthZ with Auth0
@auth0 | @deepu105 | deepu.tech Assistant0 github.com/auth0-samples/auth0- assistant0
@auth0 | @deepu105 | deepu.tech
@auth0 | @deepu105 | deepu.tech Auth for GenAI a0.to/ai-event
@auth0 | @deepu105 | deepu.tech AI Content from Auth0 https://auth0.com/blog/ai/
Thank You