logoalt Hacker News

esafakyesterday at 8:54 PM3 repliesview on HN

First time I'm hearing about https://agentauthprotocol.com/ and https://workos.com/auth-md

MCP and A2A weren't enough?


Replies

ccotoday at 2:25 AM

There are a lot of ideas swirling around right now, it has been the most anybody has cared about OAuth in 15 years.

Most auth companies are playing in this space, some are trying to own the spec, like WorkOS, some are working more closely with standards bodies.

I, like the other commentator, am of the opinion that 90% of the problem space is solved with OAuth and the remainder will be worked out over the next few years as we see how autonomous agents evolve.

benswerdyesterday at 9:03 PM

MCP Auth is just Oauth, its designed for humans to authenticate their sessions for connections.

TBH I know nothing about A2A.

Agent Identity and Authz is a different problem, allowing agents to operate independently from humans with granular permissions is coming/whether from these protocols or others, and when it does I think CLIs/CLI Device Auth which is used as a rough proxy for this where the agent just takes your identity will finally go away.

cheekygeekyyesterday at 11:08 PM

[flagged]