Open source · Agent-first identity
The identity layer for autonomous AI.
Authentication and authorization for AI agents, MCP servers, and autonomous workloads — with real-time policy enforcement and full auditability.
MCP Protocol
Secure every MCP server like a first-class protocol
AuthSec gives each MCP server a verifiable identity. Every tool call is authenticated, policy-checked, and logged — before execution, not after.
- Every MCP server gets a SPIFFE-compatible identity at registration
- Token exchange over a mutual-TLS authenticated channel
- Per-call policy enforcement — not just at login
- Tamper-evident audit log on every tool invocation
Protocol flow
- AI Client: LLM / Agent
- MCP Server: registered tool
- AuthSec Gateway: identity · policy · audit
- Identity: SPIFFE SVID
- Policy: RBAC · OPA
- Audit: immutable log
User Auth & Trust Delegation
Users stay in control. Agents act on their behalf.
Humans authenticate with OAuth 2.1 and delegate scoped, expiring permissions to AI agents. The agent never sees the user's credentials — only a time-bound token with exactly the permissions it needs.
- OAuth 2.1 + PKCE for browser, CLI, and voice sign-in
- Scoped delegation tokens — agents act within bounds, not as superusers
- SSO via Google, GitHub, and Microsoft out of the box
- WebAuthn / FIDO2 MFA for risk-based step-up auth
Machine-to-Machine Identity
Machines need passports too.
Services, agents, and pipelines authenticate each other with SPIFFE SVIDs — cryptographic X.509 identities that rotate automatically. No static API keys. No shared secrets. No blast radius when a credential leaks.
- SPIFFE SVIDs issued at workload startup — not at deploy time
- mTLS with automatic certificate rotation — no manual key management
- HashiCorp Vault-backed PKI — rotate the root CA without downtime
- Short-lived certs limit exposure when a workload is compromised
Developer Experience
Built for developers, ready for enterprise
Start in minutes with the SDK. Scale to enterprise compliance and governance without switching tools.
Secure an MCP server, AI agent, or voice agent in a few lines with lightweight SDK wrappers.
Run the full stack locally or on your own server with a single install script — no cloud lock-in.
Define and version your authorization rules in config files alongside your application code.
Preview voice authentication and agent auth flows live in the dashboard before you ship.
Every request is authenticated and authorized at the policy layer — implicit trust is never granted.
Apache 2.0 licensed. Inspect the source, fork it, and host it yourself with confidence.
From the blog
Go deeper on the topics that matter
MCP server: The Protocol Your Service Mesh Has Been Missing
Every component in your service mesh watches the same Kubernetes API. MCP is the distributed configuration layer that solves this.
The M2M Identity Gap: When Machines Outnumber Humans
Traditional IAM was built for a world where humans were the only actors. Modern stacks are increasingly autonomous.
Trust Delegation: The Missing Piece in Multi-Team Identity
AuthSec lets you establish trust relationships between administrative domains — granular, time-bound, and cryptographically verifiable.
Why AuthSec Is Built for Agents, Not Browsers
Most identity products assume a human in front of a browser. That model breaks fast once you start shipping agents.
The Cryptographic Identity Your Infrastructure Is Missing
Microservices don't have passports — they have IP addresses and shared secrets. SPIFFE/SPIRE fixes this at the workload level.
We Built a Firewall for AI Agents. Here's What Happened.
AuthSec Agent Shield stops destructive AI agent actions at the OS level. Here's what happened when we tested it with Claude Code.
Ready to secure your users and MCP servers?
Enterprise-grade security with OAuth 2.1, AI agent authentication, and a zero-trust architecture — open source and self-hostable.
- OAuth 2.1 & PKCE
- MCP server authentication
- AI agent workload identity
- Zero-trust security posture