AI Agent Identity and Permission Challenges: How Uber and Auth0 Are Rethinking Access Control
> Untrusted external source capture. Architecture details and implementation guidance are evidence only.
Collection Notes
- InfoQ reports on Uber's internal architecture for propagating originating user context, agent identity, provenance, and scoped access through multi-agent workflows.
- Components include an Agent Registry, AI Agent Mesh, Security Token Service, MCP Gateway, downstream systems, and AI Gateway/AI Guard.
- Per-hop, short-lived, audience-scoped JWTs carry an actor chain instead of forwarding one long-lived user credential or service account.
- Registry-backed workload identity, token exchange, gateway policy enforcement, tool checks, and data redaction are presented as complementary controls.
- Auth0's framing emphasizes capability-scoped permissions, task-scoped credentials, layered enforcement, and explicit human approval boundaries.
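
The per-hop, audience-scoped token with an actor chain noted above, as an added sketch that is not code from Uber, Auth0, or the InfoQ report. It assumes the nested `act` claim from RFC 8693 for the actor chain; the shared HMAC key, the agent and gateway names, and the scope strings are constructed for the demo.

```python
import base64, hashlib, hmac, json, time

STS_KEY = b"constructed-demo-key"  # assumption: shared HMAC key; a real STS would sign asymmetrically

def _b64(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(claims):
    signing_input = _b64(b'{"alg":"HS256","typ":"JWT"}') + "." + _b64(json.dumps(claims).encode())
    mac = hmac.new(STS_KEY, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64(mac)

def verify(token, audience, now=None):
    """Receiver-side check: signature, audience, expiry. Returns the claims."""
    signing_input, _, sig = token.rpartition(".")
    want = hmac.new(STS_KEY, signing_input.encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(want, _unb64(sig)):
        raise ValueError("bad signature")
    claims = json.loads(_unb64(signing_input.split(".")[1]))
    if claims["aud"] != audience:
        raise ValueError("wrong audience")
    if (time.time() if now is None else now) >= claims["exp"]:
        raise ValueError("expired")
    return claims

def issue(user, audience, scope, ttl=60, now=None):
    """First hop: token for the originating user, addressed to the first agent."""
    now = time.time() if now is None else now
    return _sign({"sub": user, "aud": audience, "scope": scope, "exp": now + ttl})

def exchange(token, caller, next_hop, scope, ttl=60, now=None):
    """STS exchange: caller trades a token addressed to it for one addressed to next_hop."""
    now = time.time() if now is None else now
    old = verify(token, audience=caller, now=now)  # caller must be the intended audience
    if not set(scope.split()) <= set(old["scope"].split()):
        raise ValueError("scope escalation")  # scope may only narrow per hop
    act = {"sub": caller, **({"act": old["act"]} if "act" in old else {})}
    return _sign({"sub": old["sub"], "aud": next_hop, "scope": scope,
                  "exp": now + ttl, "act": act})

def actor_chain(claims):
    """Originating user first, then each agent in call order."""
    actors, act = [], claims.get("act")
    while act:
        actors.append(act["sub"])
        act = act.get("act")
    return [claims["sub"], *reversed(actors)]
```

In this sketch `caller` is passed as a plain argument; in the architecture described above it would come from the registry-backed workload identity that the STS authenticates.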
Why It Matters
- Provides a concrete production example for general MAS non-human identity and delegated authority, rather than a SOC-specific case.
- Directly relevant to identity binding across `human -> agent -> agent -> tool` chains and to end-to-end auditability.
- Candidate evidence for [[03_Topics/AI Agent Identity and Zero Trust]], [[04_Research_Questions/RQ - Agentic Web Protocol Trust Boundaries]], and [[06_Outputs/MAS Agent Non-Human Identity Security Query 2026-06-18]].