OAuth's On-Behalf-Of flow for AI agents
Blog post from WorkOS
A new IETF Internet-Draft proposes an extension to OAuth's authorization code flow that addresses a growing problem: when an AI agent calls an API on a user's behalf, downstream systems cannot tell whether the user or the agent acted, which undermines both audit trails and meaningful consent. The draft, titled "OAuth 2.0 Extension: On-Behalf-Of User Authorization for AI Agents," introduces two parameters, requested_actor and actor_token. Together they carry the agent's identity through the consent screen and embed it in the resulting access token, so a user can grant specific powers to a specific agent and any downstream system can identify who actually acted.

The draft aims to provide a vendor-neutral, front-channel flow for obtaining explicit user consent, overcoming the limitations of existing approaches such as Microsoft's On-Behalf-Of flow and RFC 8693 token exchange, neither of which puts the agent in front of the user at consent time. Two points stand out: the actor is bound to the authorization code, so the token endpoint can refuse an exchange by any agent other than the one the user approved, and consent screens explicitly name the agent. The result is a delegation model that distinguishes agents from users and leaves an audit trail that compliance teams and incident responders can rely on.

The draft is still in progress and subject to change, but it offers a standardized way to manage AI agent identities and delegations within the OAuth ecosystem, and a foundation for agent systems that require clear user consent and reliable audit capabilities.
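To make the binding concrete, here is a small simulated authorization server that models the flow the post describes. This is an added example, not code from the WorkOS post, from the draft, or from any real OAuth implementation, and it makes several assumptions of its own: the server records requested_actor alongside the authorization code; the token request must carry an actor_token whose subject matches that recorded actor; the access token names the actor in an `act` claim (that claim name follows RFC 8693 and is an assumption, not something the draft is stated to require); and actor tokens are HMAC-signed JSON with keys the server already knows, standing in for whatever the agent's identity provider would issue. Tokens are plain dicts rather than JWTs so the code runs offline.

```python
import hashlib
import hmac
import json
import secrets
import time


class DelegationError(Exception):
    """Raised when the token endpoint refuses an exchange."""


class AuthorizationServer:
    def __init__(self, actor_keys):
        # actor_keys: agent identifier -> secret used to sign that agent's actor_token.
        # Constructed for this example; a real server would validate tokens from the
        # agent's own identity provider rather than hold shared secrets.
        self._actor_keys = dict(actor_keys)
        self._codes = {}  # authorization code -> record it is bound to

    # Front channel: the consent screen names the agent, and the code is bound to it.
    def authorize(self, user, client_id, scope, requested_actor, approve):
        if requested_actor not in self._actor_keys:
            raise DelegationError("unknown requested_actor")
        prompt = (f"{client_id} asks to let agent '{requested_actor}' act on behalf "
                  f"of {user} with scope '{scope}'.")
        if not approve:
            return prompt, None  # user declined; no code is issued
        code = secrets.token_urlsafe(24)
        self._codes[code] = {"user": user, "client_id": client_id, "scope": scope,
                             "actor": requested_actor, "used": False}
        return prompt, code

    # actor_token: a signed assertion of the agent's identity (HMAC is an assumption).
    def issue_actor_token(self, actor_id):
        body = json.dumps({"sub": actor_id, "iat": int(time.time())}, sort_keys=True)
        sig = hmac.new(self._actor_keys[actor_id].encode(), body.encode(),
                       hashlib.sha256).hexdigest()
        return body + "." + sig

    def _verify_actor_token(self, actor_token):
        try:
            body, sig = actor_token.rsplit(".", 1)
            subject = json.loads(body)["sub"]
            key = self._actor_keys[subject]
        except (ValueError, KeyError, TypeError):
            raise DelegationError("malformed or unknown actor_token")
        expected = hmac.new(key.encode(), body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, sig):
            raise DelegationError("actor_token signature invalid")
        return subject

    # Back channel: the presenting agent must be the one the user consented to.
    def token(self, code, client_id, actor_token):
        record = self._codes.get(code)
        if record is None or record["used"] or record["client_id"] != client_id:
            raise DelegationError("invalid authorization code")
        actor = self._verify_actor_token(actor_token)
        if actor != record["actor"]:
            raise DelegationError(f"actor_token subject {actor!r} does not match "
                                  f"consented actor {record['actor']!r}")
        record["used"] = True  # authorization codes are single use
        return {"sub": record["user"], "scope": record["scope"],
                "act": {"sub": actor}, "exp": int(time.time()) + 600}


def rejection_reason(server, code, client_id, actor_token):
    """Return the error message if the exchange is refused, else None."""
    try:
        server.token(code, client_id, actor_token)
    except DelegationError as exc:
        return str(exc)
    return None


def audit_line(access_token):
    """What a downstream API would log: who acted, for whom, with which scope."""
    return (f"user={access_token['sub']} actor={access_token['act']['sub']} "
            f"scope={access_token['scope']}")


if __name__ == "__main__":
    srv = AuthorizationServer({"calendar-agent": "key-1", "mail-agent": "key-2"})
    prompt, code = srv.authorize("alice", "scheduler-app", "calendar.read",
                                 "calendar-agent", approve=True)
    print(prompt)
    tok = srv.token(code, "scheduler-app", srv.issue_actor_token("calendar-agent"))
    print(audit_line(tok))
```

The check that matters is the comparison in `token`: because the code was bound to `calendar-agent` at consent time, an exchange that presents a valid `mail-agent` actor token is refused even though the code itself is genuine, and the access token that does come out carries both the user and the acting agent for the downstream audit log.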