Flow
Agent verified
The agent's provider β OpenAI, Anthropic, Cursor, or any trusted agent platform β attests to the user's identity at registration time. Your service verifies the attestation and issues credentials synchronously, no human interaction required.
When to use it
- You already JIT-provision users from OIDC or SAML identity providers β this is the same shape with a different issuer.
- You want zero-friction registration when the agent has a known user behind it.
- You're comfortable maintaining a trust list of agent providers and revoking when one rotates keys or is compromised.
How it works
- Agent hits your API, gets a 401 with a pointer to your discovery document.
- Agent asks the user for consent to assert identity to your service.
- Agent requests an audience-specific ID-JAG from its provider.
- Agent POSTs the ID-JAG to your
/agent/identityendpoint. - Your service verifies the signature against the provider's JWKS, matches
the user, and returns a service-signed
identity_assertion. - Agent exchanges that assertion at
/oauth2/tokenfor an access_token.
What you get
- Synchronous user identity at registration β no confirmation step, no round-trip waiting on the human.
- A delegation record per
(iss, sub, aud)that the provider can revoke at any time via a Security Event Token. - Standard JWT verification path; integrates with anything that already handles OIDC.
Trade-offs
- Only works when the agent's provider participates. Agents built on MCP servers or bare LLM APIs typically can't mint ID-JAGs β those need the user claimed flow.
- You take on the operational responsibility of curating which providers you trust.
Implement it
App side: For apps β agent verified flow. Provider side: For agent providers.