Skip to main content

Transaction Tokens For Agents
draft-oauth-transaction-tokens-for-agents-06

Document Type Replaced Internet-Draft (individual)
Expired & archived
Author Ashay Raut
Last updated 2026-04-11
Replaced by draft-araut-oauth-transaction-tokens-for-agents
RFC stream (None)
Intended RFC status (None)
Formats
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-araut-oauth-transaction-tokens-for-agents
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:

Abstract

This document specifies an extension to the OAUTH-TXN-TOKENS (https://drafts.oauth.net/oauth-transaction-tokens/draft-ietf-oauth- transaction-tokens.html) to support agent context propagation within Transaction Tokens for agent-based workloads. The extension defines the use of the act field to identify the agent performing the action, and leverages the existing sub field (as defined in the base Transaction Tokens specification) to represent the principal. The sub field is populated according to the rules specified in OAUTH-TXN- TOKENS (https://drafts.oauth.net/oauth-transaction-tokens/draft-ietf- oauth-transaction-tokens.html), based on the 'subject_token' provided in the token request. For autonomous agents operating independently, the sub field represents the agent itself. These mechanisms enable services within the call graph to make more granular access control decisions, thereby enhancing security.

Authors

Ashay Raut

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)