Agent Identity Standardisation Efforts

The IETF and other standards bodies are accelerating efforts to establish agent identity standards, addressing challenges like static authorization grants for dynamic needs. Anthropic supports Workload Identity Federation but omits it from its Zero Trust whitepaper, drawing critique from identity expert Dick Hardt, who highlights the gap between AI developers and identity fields. The emerging AAuth protocol and IETF streams aim to build on OAuth 2.0 and OIDC foundations for agent security.

Quick post. I come from an Identity and security background, and still work closely with the Microsoft Identity team, who do a lot of work in standards working groups. There’s currently a lot of new technology emerging for agent identities before new standards have been agreed this is typically slow work, but there seems to be an urgency to the new efforts for agents . Some of this technology can already begin to address one of the major challenges for agent security: static authorisation grants for dynamic authorisation needs. But obviously everyone would rather this was all founded in standards IMO nothing has improved web security more than the OAuth 2.0 and OIDC standards, relative to what preceded them . IMO there are two major authentication and authorisation challenges to address: Much of the first of these needs can be met with available technologies. For instance, Anthropic document their support for Workload Identity Federation https://platform.claude.com/docs/en/manage-claude/workload-identity-federation , but frustratingly they don’t seem to mention it in their recent Zero Trust for AI Agents https://cdn.prod.website-files.com/6889473510b50328dbb70ae6/6a1611a04085d7cd3dadc924 Claude-eBook-Zero-Trust-for-AI-Agents-05182026.pdf whitepaper which is broadly welcome, if IMO short of the mark in some areas like this . Dick Hardt shared an excellent critique of the Anthropic paper https://blog.hello.coop/2026/06/anthropics-zero-trust-for-ai-agents-sets-the-right-test-the-bearer-token-fails-it/ . I can’t recommend this highly enough if you want to understand the gulf between AI developers and the Identity field . This critique is also an excellent on-ramp to the needs he’s working on in the AAuth protocol https://www.aauth.dev/ , which shares much in common with some of the wider IETF streams. From what I can gather, those efforts are not a major topic here, so I also wanted to share some of what’s in flight at IETF this Claude summary shared by George Fletcher https://www.linkedin.com/posts/gffletch comparitive-look-at-ietf-agentic-ai-charters-activity-7463581438282665984-3WZp?utm source=share&utm medium=member ios&rcm=ACoAAC38JMUBzW9m1vYbQFjaUjgd0 ZLI7I VwU gives some idea . Identity protocols are complex, and were already too complex for many developers to implement well roll-your-own identity and cryptography are two anti-practices that I hope are mainly avoided today . With agent identity needs, these protocols are only getting more complex, albeit with some great foundations from the standards that exist today. This is one of a few areas where the AI Control field needs to be exceptionally current, as there is a separate hive mind working very hard on these problems.