Found at “Four Open-Source Agentic Authorization Alternatives” on 2026-04-09T11:01:48+02:00.

The Agentic Authorization OAuth 2.1 Extension is an IETF draft that was first created in May 2025. It’s now in its version 01 and provides a solution where AI agents can identify their users and, in turn, use their identification to obtain OAuth access tokens.

Agentic Authorization OAuth 2.1 Extension (AAuth). During the interaction between an agent and a human, the agent requests certain pieces of PII that it can then use to obtain an authorization. The goal is that having those details about a user will be sufficient to provide a valid proof of identity. All these exchanges are done as part of the new Agent Authorization Grant that issues low-privilege, user-specific access tokens. The system can also escalate and ask for a human to intervene in situations where there’s a high risk potential.