Keycard for Multi-Agent Apps Lets Builders Construct Safe Autonomous Purposes The place Entry is Delegated Between Brokers, on a Per-Process Foundation, With out Standing Privileges
Keycard, the supplier of id and entry for AI brokers, introduced Keycard for Multi-Agent Apps, extending its platform to assist delegated, session-based entry throughout techniques of autonomous brokers. Keycard lets builders construct apps the place each agent has its personal id, entry is scoped to every activity and each motion is absolutely attributable throughout brokers, customers and techniques.
“Enterprises are rebuilding enterprise features round AI brokers. Proper now the builders constructing these techniques have to decide on: give brokers broad entry they usually’re ungovernable or lock them down and lose what makes them precious,” mentioned Ian Livingstone, co-founder and CEO of Keycard. “Brokers constructed utilizing Keycard don’t expertise this trade-off, as they’ve their very own id, delegate entry per-task and function with no standing privileges or static credentials.”
“We wished our engineers deploying brokers and instruments into manufacturing with no need to be safety or id specialists. Keycard’s platform made that potential. We had brokers operating towards manufacturing techniques in days,” mentioned Dennis Yang, Principal Product Supervisor for Generative AI at Chime.
Additionally Learn: AIThority Interview With Rohit Agarwal, Founder & CEO of Portkey
Multi-agent architectures have gotten the usual strategy to constructing AI apps, with specialised brokers more and more being utilized by general-purpose brokers to finish complicated duties throughout software program improvement, operations, gross sales, advertising, finance and extra. The issue is structural: most groups depend on shared API keys, inherited credentials or persistent entry to attach these brokers, none of which restrict entry to what the duty really requires.
That is compounded as brokers acquire extra autonomy: an agent can delete a database or exfiltrate confidential data with none human overseeing it. Conventional approaches to service id and entry management had been designed for a world of human operators, not agent-to-agent delegation, and with out it, the chance shifts from remoted misuse to systemic failure.
Keycard for Multi-Agent Apps solves this by giving each agent verifiable id with out long-lived API keys or credentials on disk. Builders can construct brokers and instruments utilizing Keycard’s SDKs for Python and TypeScript. When an agent begins, it mechanically receives its id by means of runtime attestation. When a person or agent initiates a activity, Keycard creates a session that binds each motion to the originating person and request, supporting three delegation patterns:
- Brokers appearing on their very own behalf throughout multi-hop workflows, every with scoped id and delegated entry.
- Brokers appearing on behalf of people or different brokers by means of specific delegation, preserving the total chain of authority from the originating person to each downstream agent.
- Brokers impersonating different brokers or people underneath coverage constraints for particular operational workflows, with full audit transparency.
All three patterns use the identical SDK, the identical coverage engine and the identical management aircraft. Brokers uncover and authenticate each other mechanically utilizing Consumer ID Metadata Paperwork. As brokers delegate work to different brokers or name instruments, Keycard evaluates coverage as a part of each token trade utilizing OAuth 2.0 Token Alternate (RFC 8693), scoping entry to the duty and narrowing permissions at every hop so no agent ever holds extra privilege than the duty requires or coverage permits. Each token within the chain is traceable, revocable and expires with the session.
Keycard for Multi-Agent Apps offers builders the instruments to construct and ship multi-agent apps that work throughout clouds and offers safety groups the controls to manipulate them:
- Import id, as an alternative of constructing it. Keycard’s SDKs for Python, TypeScript and Go combine with LangChain, Mastra and extra, giving builders id, delegation and entry management as primitives they’ll drop into any agent or software.
- Work with any agent. Natively accessible to ChatGPT, Claude, Codex and any agent or software that speaks MCP, A2A or OAuth 2.1 together with OpenClaw and Pi.
- Deploy throughout any platform. Runs on Vercel, Cloudflare, Fly.io, AWS, GCP, Azure and extra. Identification travels with the agent with no static secrets and techniques to provision, rotate or shield.
- Join brokers to any software or service. The identical scoped, session-bound credentials that govern agent-to-agent entry work for connecting to APIs, databases and SaaS platforms.
- Management what each agent can do. Builders and safety groups set insurance policies that management which brokers can entry which assets, what they’ll delegate and the way far permissions can journey. Any change in coverage triggers revocation throughout affected brokers and periods.
- No token administration required. Keycard manages the total token lifecycle, from issuance, storage and rotation to attenuation and revocation, throughout each agent and session.
Behind all of it, the Keycard platform supplies id federation and monitoring by way of OIDC, SCIM and near-real-time audit logging throughout each agent interplay. It’s the similar system powering Keycard for Coding Brokers. Collectively, they offer organizations a single platform for adopting, constructing, deploying and governing brokers and connecting them to companies, whether or not constructed or purchased.
Additionally Learn: AI-Pushed Threat Intelligence: How FIs Are Predicting Systemic Shocks
[To share your insights with us, please write to psen@itechseries.com]
