Client-Initiated Backchannel Authentication (CIBA) is a decoupled authentication method that separates the device running a client application from the device used for user authentication, typically facilitating the process on the user's smartphone. This approach allows for secure, out-of-band communication between the client and the OpenID provider without relying on browser redirects, thus enhancing security and flexibility in scenarios where user interaction on the initiating device is limited. CIBA, leveraging the OAuth 2.0 and OpenID Connect frameworks, uses various token delivery modes—poll, ping, and push—to suit different implementation needs, making it particularly effective for use cases like call centers, point-of-sale systems, and AI agent authentication. It eliminates the need for credential sharing, providing a secure, phishing-resistant authentication process that involves human oversight when necessary, which is crucial as AI agents increasingly handle sensitive tasks. As agentic AI becomes more integrated into daily life, CIBA's robust security and usability make it a strong candidate to become the standard for secure delegation in such systems, with potential for broader adoption beyond its current financial sector stronghold.