AuthSecAuthSec
THE AUTHSEC BLOG·17 essays

Writing about the identity layer
for autonomous AI.

Engineering deep-dives, security postmortems, and strategic takes from the AuthSec team. We publish what we wish we’d read when we started building this.

⌘ K
Sort:
Trust Delegation: The Missing Piece in Multi-Team Identity
InfrastructureMar 13, 2026·5 min read

Trust Delegation: The Missing Piece in Multi-Team Identity

AuthSec lets you establish trust relationships between different administrative domains. Platform teams maintain the root of trust. Application teams receive delegated authority scoped to their namespaces, environments, or services—granular, time-bound, and cryptographically verifiable.

AT
AuthSec Team
Read essay
Secure Your AutoGen Agents With AuthSec Delegation Tokens
SecurityMay 29, 2026·6 min read

Secure Your AutoGen Agents With AuthSec Delegation Tokens

AutoGen's multi-agent conversations are powerful — but every registered function your agents call is a potential credential leak. authsec-autogen replaces static API keys with short-lived, RS256-signed delegation tokens so your AssistantAgent never touches a raw credential.

BI
Bishnu
Secure Your CrewAI Agents With AuthSec Delegation Tokens
SecurityMay 29, 2026·7 min read

Secure Your CrewAI Agents With AuthSec Delegation Tokens

Static API keys in CrewAI tools give every agent a master key that never expires. AuthSec's authsec-crewai SDK replaces them with short-lived, RS256-signed delegation tokens — scoped per call, auditable, and dead on arrival if they leak.

BI
Bishnu

MORE ESSAYS

From the archive.

9of 17 shown
Secure Your LlamaIndex RAG Pipeline With AuthSec Delegation Tokens
Security·May 29, 2026

Secure Your LlamaIndex RAG Pipeline With AuthSec Delegation Tokens

LlamaIndex ingestion pipelines reach into your most sensitive internal APIs. Static credentials make a leak catastrophic. AuthSec's authsec-llamaindex SDK replaces them with reader-native delegation tokens — short-lived, scoped, and stamped on every Document at ingestion time.

BI
Bishnu·7 min read
How We Secured Our AI Agent's API Calls Using AuthSec and LangChain
Security·May 22, 2026

How We Secured Our AI Agent's API Calls Using AuthSec and LangChain

AI agents need to call real APIs on behalf of real users — but static API keys hand them a master key to everything. Here's how we replaced long-lived service tokens with AuthSec delegation tokens in LangChain tools, giving agents a bounded, traceable, short-lived identity for every downstream call.

BI
Bishnu·8 min read
Transfer Claude Code Sessions to OpenAI Codex and Gemini — One Command to Sync AI Agent Context
Security·May 7, 2026

Transfer Claude Code Sessions to OpenAI Codex and Gemini — One Command to Sync AI Agent Context

You hit Claude context limit mid-problem, switch to Codex, and spend 20 minutes re-explaining the same architecture. We built a small CLI that transfers your AI agent session — context, decisions, tradeoffs — between Claude Code, Codex, and Gemini in one command.

RKK
Ritam Kumar Kundu·10 min read
How to Install, Verify, and Use AuthSec Agent Shield
Security·May 5, 2026

How to Install, Verify, and Use AuthSec Agent Shield

A complete step-by-step guide to getting AuthSec Agent Shield running on your machine — from building the binary to approving your first blocked command on your phone.

BI
Bishnu·7 min read
We Built a Firewall for AI Agents. Here's What Happened When Claude Code Tried to Delete Our Files.
Security·Apr 20, 2026

We Built a Firewall for AI Agents. Here's What Happened When Claude Code Tried to Delete Our Files.

You give Claude Code your terminal. You give Codex your codebase. You give OpenClaw your entire machine — and they can rm -rf your home directory or git push --force to production before you know it. AuthSec Agent Shield stops that at the OS level. Here's what happened when we put it head-to-head with Claude Code.

RKK
Ritam Kumar Kundu·8 min read
AuthSec for AI: Your Organization's Kill Switch for AI Agent Actions
Security·Apr 14, 2026

AuthSec for AI: Your Organization's Kill Switch for AI Agent Actions

AI agents can delete files, push code, query databases, scale infrastructure, and send customer emails with a single prompt. AuthSec adds a human approval layer before risky actions execute.

RKK
Ritam Kumar Kundu·10 min read
Building an Authenticated AI Gateway: How We Put OpenClaw Behind Enterprise SSO
Infrastructure·Apr 13, 2026

Building an Authenticated AI Gateway: How We Put OpenClaw Behind Enterprise SSO

AI assistants are powerful, but deploying one inside an organization without authentication is like leaving the front door wide open. Here's how we built authsec-openclaw — a Go reverse proxy that wraps OpenClaw with enterprise-grade SSO and gives every chat session a verified identity.

RKK
Ritam Kumar Kundu·9 min read
SCIM: The Enterprise Gateway Your AuthSec Deployment Needs
Infrastructure·Mar 12, 2026

SCIM: The Enterprise Gateway Your AuthSec Deployment Needs

Enterprise customers won't buy your SaaS if they have to manually provision users. Every new hire means a ticket. Every termination means a security gap. AuthSec SCIM fixes this by automating user sync from Okta, Entra ID, and Google Workspace.

AT
AuthSec Team·6 min read
AuthSec: Open-Source Identity for AI Agents
Strategy·Mar 11, 2026

AuthSec: Open-Source Identity for AI Agents

Most identity products were designed around a very specific assumption—there's a human sitting in front of a browser. That model breaks down fast once you start shipping agents. AuthSec was built to fix that.

AT
AuthSec Team·7 min read

WRITTEN BY

The people building AuthSec.

Engineers, security folks, and a couple of product people who can’t stop writing about identity.

BI
Bishnu
Engineering
5 essays
RKK
Ritam Kumar Kundu
Engineering
4 essays
AT
AuthSec Team
Product & Security
8 essays

↳ NEWSLETTER

Get the next essay in your inbox.

One letter every other Tuesday. Production notes, no hype.