Skip to main content

AAuth - Agentic Authorization OAuth 2.1 Extension
draft-rosenberg-oauth-aauth-01

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors Jonathan Rosenberg , Pat White
Last updated 2026-04-22 (Latest revision 2025-10-19)
Replaces draft-patwhite-aauth
RFC stream (None)
Intended RFC status (None)
Formats
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:

Abstract

This document defines the Agent Authorization Grant, an OAuth 2.1 extension allowing a class of Internet applications - called AI Agents - to obtain access tokens in order to invoke web-based APIs on behalf of their users. In the use cases envisaged here, users interact with AI Agents through communication channels - the Public Switched Telephone Network (PSTN) or texting - which do not permit traditional OAuth grant flows. Instead, AI agents collect Personally Identifying Information (PII) through natural language conversation, and then use that collected information to obtain an access token with appropriately constrained scopes. A primary considering is ensuring that the Large Language Model (LLM) powering the AI Agent cannot, through hallucination, result in impersonation attacks.

Authors

Jonathan Rosenberg
Pat White

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)