The New Stack Podcast

OAuth Works for AI Agents but Scaling is Another Question

Feb 27, 2025

Maya Kaczorowski, a respected technologist and founder of Oblique, dives into the intersection of OAuth, AI agents, and identity management. She reveals how developers perceive AI agents as extensions of themselves, thus relying on OAuth for secure access. Kaczorowski highlights the growing challenges in managing vast numbers of AI identities, emphasizing the need for scalable solutions. The discussion addresses the complexities of integrating AI with SaaS, the balance of AI autonomy versus security safeguards, and ongoing evolution in access control methods.

25:36

Creator website

Episode guests

Maya Kaczorowski

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

OAuth effectively manages AI agent identity by allowing users to delegate specific permissions, ensuring agents access only necessary data.

The rapid growth of AI agents necessitates innovative authorization frameworks that can efficiently scale beyond traditional models and maintain security.

Deep dives

Understanding AI Agent Identity with OAuth

OAuth presents a significant solution for managing AI agent identity by allowing users to delegate specific permissions to their AI tools. This approach maintains the principle of least privilege, granting agents access only to the data they need to function effectively, such as when integrating AI capabilities with existing SaaS applications. For example, a user can choose to allow an AI agent access to certain documents or calendar events without compromising the entirety of their data. This thoughtful delegation of permissions through OAuth not only addresses privacy concerns but also facilitates the seamless operation of AI agents in various contexts.

Intro

5min

Integrating AI and SaaS with OAuth

4min

The Value Proposition of Integrating AI in SaaS Applications

2min

Managing AI Complexity

7min

Navigating OAuth Challenges in Authentication

8min

Maya Kaczorowski noticed that AI identity and AI agent identity concerns were emerging from outside the security industry, rather than from CISOs and security leaders. She concluded that OAuth, the open standard for authentication, already serves the purpose of granting access without exposing passwords.

Kaczorowski, a respected technologist and founder of Oblique, a startup focused on self-serve access controls, recently wrote about OAuth and AI agents and shared her insights on this episode of The New Stack Makers. She noted that developers see AI agents as extensions of themselves, granting them limited access to data and capabilities—precisely what OAuth is designed to handle.

The challenges with AI agent identity are vast, involving different approaches to authentication, such as those explored by companies like AuthZed. While existing authorization models like RBAC or ABAC may still apply, the real challenge lies in scale. The exponential growth of AI-related entities—from users to LLMs—could mean even small organizations manage hundreds of thousands of agents. Future solutions must accommodate this massive scale efficiently.

For the full discussion, check out The New Stack Makers interview with Kaczorowski.

Learn more from The New Stack about OAuth requirements for AI Agents:

OAuth 2.0: A Standard in Name Only?

AI Agents Are Redefining the Future of Identity and Access Management

Join our community of newsletter subscribers to stay on top of the news and at the top of your game.

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

The New Stack Podcast

OAuth Works for AI Agents but Scaling is Another Question

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Understanding AI Agent Identity with OAuth

Challenges and Limitations of Current Authorization Systems

The Future of Authorization in an AI-Driven World

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights

The New Stack Podcast

OAuth Works for AI Agents but Scaling is Another Question

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Understanding AI Agent Identity with OAuth

Challenges and Limitations of Current Authorization Systems

The Future of Authorization in an AI-Driven World

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights