{"slug": "agents-as-coworkers-identity-accountability-email", "title": "Agents as Coworkers: Identity, Accountability, Email", "summary": "Nylas has introduced Agent Accounts, currently in beta, which give AI agents their own email address and calendar, making them reachable, persistent, and accountable. This allows agents to send and receive emails independently, with full audit trails, rather than relying on borrowed OAuth tokens. The feature aims to treat software agents as coworkers, providing a stable identity for accountability in workflows like support triage and scheduling.", "body_md": "A new hire gets an email address on day one; most AI agents get a borrowed OAuth token and a list of tasks. That difference sounds cosmetic. It isn't — it quietly decides who's accountable when something goes wrong.\n\nHere's a filter I find useful for any agent doing ongoing work — support triage, scheduling, outreach: would you onboard a human contractor the way you onboarded this agent?\n\nSharing one employee's login? No address of their own, so every message they send appears to come from someone else? No calendar, so every meeting they arrange lives on a borrowed one? You'd never run a team that way, because you'd lose the thing organizational structure exists to provide: a stable answer to \"who did this, and how do I reach them?\"\n\nSoftware agents have been exempt from that standard mostly because giving them a real identity was hard. It's not anymore.\n\n[Agent Accounts](https://developer.nylas.com/docs/v3/agent-accounts/) — currently in beta — apply the coworker treatment to software. The agent gets a real `name@company.com`\n\nmailbox that sends and receives, six system folders provisioned automatically (`inbox`\n\n, `sent`\n\n, `drafts`\n\n, `trash`\n\n, `junk`\n\n, `archive`\n\n), and a primary calendar that hosts events and RSVPs to invitations over standard iCalendar. To anyone interacting with it, the account is indistinguishable from one a person operates.\n\nThe docs frame it the way you'd frame a colleague: \"reachable, persistent, and accountable for its own interactions.\" Reachable — anyone can email `scheduling@yourcompany.com`\n\nwithout knowing or caring that it's software. Persistent — the mailbox and its full history outlive any single deployment, model swap, or rewrite. Accountable — every message it ever sent is sitting in its own sent folder, attributable to it and nobody else.\n\nMechanically, the account is just another grant: one `grant_id`\n\nworks across the existing Messages, Drafts, Threads, Folders, Calendars, Events, and Webhooks endpoints. The agent uses the same APIs a human-connected account would, which is precisely the point.\n\nOnboarding the non-human coworker is one API call — the same Bring Your Own Authentication endpoint used for other providers, with `\"provider\": \"nylas\"`\n\n:\n\n```\ncurl --request POST \\\n --url \"https://api.us.nylas.com/v3/connect/custom\" \\\n --header \"Authorization: Bearer \" \\\n --header \"Content-Type: application/json\" \\\n --data '{\n \"provider\": \"nylas\",\n \"settings\": { \"email\": \"support@yourcompany.com\" }\n }'\n```\n\nNo OAuth consent screen, because there's no human to consent. From that moment, inbound mail to the address fires the standard `message.created`\n\nwebhook — identical in shape to the one any connected account fires. Your code branches on the grant's `provider`\n\nfield (`\"nylas\"`\n\n) when it needs to know a delivery belongs to an agent rather than a person.\n\nWhen a customer asks \"who told me my refund was approved?\", the answer with a coworker-style agent is concrete: `support@yourcompany.com`\n\ndid, here's the thread, here's the timestamp. Compare that to an agent acting through a human's credentials — the audit trail says *Dana* sent it, and now Dana has to prove she didn't.\n\nIdentity also changes how people relate to the automation. A voice agent that emails a call recap from `voice-agent@yourcompany.com`\n\nis something you can reply to, forward, or CC into a thread. A support-triage account at `support@yourcompany.com`\n\nreceives every inbound ticket directly, in its own inbox, where the full history stays searchable. The agent becomes a participant in normal workflows instead of an invisible process hiding behind someone else's name. Trust follows addressability: people extend more of it to things they can reach.\n\nMake it concrete. A `support@yourcompany.com`\n\nAgent Account receives every inbound support email directly — not a forwarded copy, the actual delivery. Rules attached to the account block known spam domains at the SMTP stage, before the model spends a single token on them. Invoices auto-route to a finance folder. VIP senders get marked for immediate attention. An LLM drafts replies to the common questions; the sensitive ones queue for a human to approve through a webhook flow.\n\nEvery piece of that pipeline maps to something you'd recognize from onboarding a person: a desk (the mailbox), standing instructions (the rules), a manager's sign-off on anything risky (the approval queue). The difference is that the standing instructions are enforced by infrastructure instead of memory, and the paper trail writes itself.\n\nThe model also scales the way org charts do. A multi-tenant product can provision one Agent Account per customer, each on the customer's own verified domain — `scheduling@customer-a.com`\n\n, `scheduling@customer-b.com`\n\n— each with its own policy, its own send quota, its own sender reputation. All of them run in one Nylas application with the same code path. That's a hundred coworkers with a hundred distinct identities, and one payroll system.\n\nNow the honest part. Agents aren't coworkers, and treating them identically is how incidents happen. A human earns trust gradually and exercises judgment under ambiguity; an agent needs explicit, machine-enforced limits from day one, because an LLM in a retry loop has no concept of \"this seems off.\"\n\nSo the implementation inverts the metaphor: a coworker gets a performance review, an agent gets a policy object. Send quotas (the free plan defaults to 200 messages per account per day), spam detection, and inbound rules that block junk before the model ever sees it — all attached to the account itself rather than left to the agent's own discipline.\n\nEven the agent's memory is a policy decision rather than a personal trait: the free plan retains inbox mail for 30 days and spam for 7, and retention is configurable through the same policy object that sets the quotas. A coworker remembers what they choose to; an agent remembers exactly what you configured it to.\n\nOffboarding breaks the metaphor too. Humans leave gradually, with handovers and goodbye cake. Agents should be torn down instantly and completely — delete the grant, and the identity is gone. The coworker framing covers identity and accountability. It was never about employment.\n\nThe [quickstart](https://developer.nylas.com/docs/v3/getting-started/agent-accounts/) goes from API key to a working send-and-receive mailbox in under 5 minutes, which is faster than most companies issue a laptop. Provision an account for an agent you already run — even a low-stakes one — and pay attention to what changes once its output has a name attached. In my experience the audit conversation gets shorter, and the \"wait, what sent that?\" conversation disappears entirely.\n\nDoes your agent have an identity of its own, or is it still wearing yours?", "url": "https://wpnews.pro/news/agents-as-coworkers-identity-accountability-email", "canonical_source": "https://dev.to/qasim157/agents-as-coworkers-identity-accountability-email-af", "published_at": "2026-06-16 17:06:55+00:00", "updated_at": "2026-06-16 17:17:06.136240+00:00", "lang": "en", "topics": ["ai-agents", "developer-tools", "ai-products", "ai-infrastructure"], "entities": ["Nylas", "Agent Accounts", "OAuth"], "alternates": {"html": "https://wpnews.pro/news/agents-as-coworkers-identity-accountability-email", "markdown": "https://wpnews.pro/news/agents-as-coworkers-identity-accountability-email.md", "text": "https://wpnews.pro/news/agents-as-coworkers-identity-accountability-email.txt", "jsonld": "https://wpnews.pro/news/agents-as-coworkers-identity-accountability-email.jsonld"}}