Auth0 for AI Agents

How to use OAuth to access third party services from an AI agent

by Deepu K Sasidharan

September 24, 2025
Transcript

  1. Auth0 for AI Agents: How to use OAuth to access third party services from an AI agent (Deepu K Sasidharan)
  2. Hi, I'm Deepu Sasidharan
     @auth0 | @deepu105 | deepu.tech
     ➔ OSS aficionado, polyglot dev, author, speaker
     ➔ JHipster co-chair
     ➔ Creator of KDash, JDL Studio, JWT UI
     ➔ Developer Advocate @ Auth0
     ➔ Java Champion
     deepu.tech | @deepu105.bsky.social | deepu05
  3. The Current State of AI Security: Agents, RAG and everything in between
  4. OWASP LLM top 10
     • Prompt Injection
     • Sensitive Information Disclosure
     • Supply Chain Attacks
     • Data and Model Poisoning
     • Improper Output Handling
     • Excessive Agency
     • System Prompt Leakage
     • Vector and Embedding Weaknesses
     • Misinformation
     • Unbounded Consumption
  7. Call First Party APIs with OAuth

```ts
import { tool } from 'ai';
import { z } from 'zod';
// Assumed: the app's Auth0 client (e.g. the Auth0 Next.js SDK), which exposes getSession()
import { auth0 } from './lib/auth0';

// Tool that calls the app's own API with the logged-in user's access token
export const getInfoFromAPI = tool({
  description: 'Get information from my own API.',
  parameters: z.object({}),
  execute: async () => {
    const session = await auth0.getSession();
    if (!session) {
      return 'There is no user logged in.';
    }
    // Forward the user's own access token; the API validates it, so the tool
    // cannot act beyond what the user was granted
    const response = await fetch(`https://my-own-api`, {
      headers: {
        Authorization: `Bearer ${session.tokenSet.accessToken}`,
      },
    });
    if (response.ok) {
      return { result: await response.json() };
    }
    return "I couldn't verify your identity";
  },
});
```
  8. Call Third Party APIs With Auth0 Token Vault

```ts
import { tool } from 'ai';
import { z } from 'zod';
import { addHours, formatISO } from 'date-fns';
// Assumed: the app's Auth0 AI setup and helpers (not shown on the slide)
import { auth0AI, getAccessToken, getRefreshToken } from './lib/auth0-ai';
import { getGoogleCalendar } from './lib/google';

// Connection for Google services: Token Vault exchanges the user's stored
// refresh token for a Google access token limited to the listed scopes
export const withGoogleConnection = auth0AI.withTokenForConnection({
  connection: 'google-oauth2',
  scopes: ['https://www.googleapis.com/auth/calendar.events'],
  refreshToken: getRefreshToken,
});

// Wrapped tool
export const checkUsersCalendarTool = withGoogleConnection(
  tool({
    description: 'Check user availability on a given date time on their calendar',
    parameters: z.object({ date: z.coerce.date() }),
    execute: async ({ date }) => {
      // Get the access token from Auth0 AI
      const accessToken = await getAccessToken();
      // Google SDK; getGoogleCalendar is assumed to return a calendar client
      // already authenticated with accessToken, so no separate auth object is passed
      const calendar = getGoogleCalendar(accessToken);
      const response = await calendar.freebusy.query({
        requestBody: {
          timeMin: formatISO(date),
          timeMax: addHours(date, 1).toISOString(),
          timeZone: 'UTC',
          items: [{ id: 'primary' }],
        },
      });
      // Number of busy intervals in the requested hour (0 means available)
      return { busySlots: response.data?.calendars?.primary?.busy?.length ?? 0 };
    },
  }),
);
```
  9. Async AuthZ with Auth0

```ts
import { tool } from 'ai';
import { z } from 'zod';
// Assumed: SDK exports from the Auth0 AI packages, plus the app's own auth0AI and getUser helpers
import { getCIBACredentials } from '@auth0/ai-vercel';
import { AccessDeniedInterrupt } from '@auth0/ai/interrupts';
import { auth0AI, getUser } from './lib/auth0-ai';

// CIBA: the tool is suspended until the user approves this exact action
// (the binding message) out of band, and the token it gets is limited to these scopes
export const withAsyncAuthorization = auth0AI.withAsyncUserConfirmation({
  userID: async () => {
    const user = await getUser();
    return user?.sub as string;
  },
  bindingMessage: async ({ product, qty }) => `Do you want to buy ${qty} of ${product}`,
  scopes: ['openid', 'product:buy'],
  audience: process.env['AUDIENCE']!,
  onUnauthorized: async (e: Error) => {
    if (e instanceof AccessDeniedInterrupt) {
      return 'The user has denied the request';
    }
    return e.message;
  },
});

export const shopOnlineTool = withAsyncAuthorization(
  tool({
    description: 'Tool to buy products online',
    parameters: z.object({
      product: z.string(),
      qty: z.number(),
      priceLimit: z.number().optional(), // used in execute below but missing from the slide's schema
    }),
    execute: async ({ product, qty, priceLimit }) => {
      const credentials = getCIBACredentials();
      const accessToken = credentials?.accessToken;
      // Use access token to call first party APIs
      return `Ordering ${qty} ${product} with price limit ${priceLimit}`;
    },
  }),
);
```
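Added example, not code from the deck or the Auth0 SDK: a least-privilege guard that a tool such as checkUsersCalendarTool (slide 8) or shopOnlineTool (slide 9) can run on the token it received before calling an API, refusing to proceed when the token's audience or scopes do not match what the tool declared. It decodes the JWT payload without verifying the signature (the receiving API still does that); the audience value and sample tokens are constructed for the example.

```typescript
// Guard: does this access token actually cover the audience and scopes the
// tool was declared with? Decoding only; signature verification is the API's job.
type TokenClaims = { aud?: string | string[]; scope?: string; exp?: number };

export function decodeClaims(jwt: string): TokenClaims {
  const parts = jwt.split('.');
  const payload = parts[1];
  if (parts.length !== 3 || payload === undefined) {
    throw new Error('not a compact JWS (expected header.payload.signature)');
  }
  // JWT segments are unpadded base64url; Node's decoder accepts that form
  return JSON.parse(Buffer.from(payload, 'base64url').toString('utf8')) as TokenClaims;
}

export function tokenCovers(
  jwt: string,
  required: { audience: string; scopes: string[] },
  nowSeconds: number = Math.floor(Date.now() / 1000),
): { ok: boolean; missing: string[] } {
  const claims = decodeClaims(jwt);
  const missing: string[] = [];
  // aud may be a single string or an array (RFC 7519)
  const aud = Array.isArray(claims.aud) ? claims.aud : claims.aud ? [claims.aud] : [];
  if (!aud.includes(required.audience)) missing.push(`aud:${required.audience}`);
  // OAuth access tokens carry granted scopes as a space-separated string
  const granted = new Set((claims.scope ?? '').split(' ').filter(Boolean));
  for (const s of required.scopes) if (!granted.has(s)) missing.push(`scope:${s}`);
  if (claims.exp !== undefined && claims.exp <= nowSeconds) missing.push('exp:expired');
  return { ok: missing.length === 0, missing };
}

// Constructed sample tokens (unsigned: the signature segment is left empty
// because this guard never checks it). SHOP_AUDIENCE is a made-up API identifier
// standing in for process.env['AUDIENCE'] from the slide.
const enc = (o: object) => Buffer.from(JSON.stringify(o)).toString('base64url');
const sampleJwt = (claims: TokenClaims) => `${enc({ alg: 'none', typ: 'JWT' })}.${enc(claims)}.`;
export const SHOP_AUDIENCE = 'https://shop.example/api';
export const fullGrant = sampleJwt({ aud: [SHOP_AUDIENCE], scope: 'openid product:buy', exp: 4102444800 });
export const partialGrant = sampleJwt({ aud: SHOP_AUDIENCE, scope: 'openid', exp: 4102444800 });
export const wrongApi = sampleJwt({ aud: 'https://calendar.example/api', scope: 'openid product:buy' });
```

Call `tokenCovers(accessToken, { audience, scopes })` inside `execute` before the API request and return the `missing` list to the model instead of the result when `ok` is false.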