Deepu K Sasidharan
September 24, 2025
Auth0 for AI Agents
How to use OAuth to access third party services from an AI agent
by Deepu K Sasidharan
Transcript
Auth0 for AI Agents
How to use OAuth to access third party services from an AI agent
Deepu K Sasidharan
@auth0 | @deepu105 | deepu.tech

Hi, I'm Deepu Sasidharan
➔ OSS aficionado, polyglot dev, author, speaker
➔ JHipster co-chair
➔ Creator of KDash, JDL Studio, JWT UI
➔ Developer Advocate @ Auth0
➔ Java Champion
deepu.tech | @deepu105.bsky.social | deepu05

The Current State of AI Security
Agents, RAG and everything in between

OWASP LLM top 10
• Prompt Injection
• Sensitive Information Disclosure
• Supply Chain Attacks
• Data and Model Poisoning
• Improper Output Handling
• Excessive Agency
• System Prompt Leakage
• Vector and Embedding Weaknesses
• Misinformation
• Unbounded Consumption

Identity Challenges for AI-Powered Applications
Excessive Agency

Security Challenges
• Calling APIs
• Human-in-the-loop

How to prevent this?
Calling APIs?

Call First Party APIs with OAuth

    import { tool } from 'ai';
    import { z } from 'zod';
    // `auth0` is the application's Auth0 SDK client; its setup is not shown on the slide.

    export const getInfoFromAPI = tool({
      description: 'Get information from my own API.',
      parameters: z.object({}),
      execute: async () => {
        // The tool acts only on behalf of the currently logged-in user.
        const session = await auth0.getSession();
        if (!session) {
          return 'There is no user logged in.';
        }

        // Call the first-party API with the user's own access token.
        const response = await fetch(`https://my-own-api`, {
          headers: {
            Authorization: `Bearer ${session.tokenSet.accessToken}`,
          },
        });

        if (response.ok) {
          return { result: await response.json() };
        }

        return "I couldn't verify your identity";
      },
    });

Third Party APIs?
OAuth Federation
Auth0 Token Vault

Call Third Party APIs With Auth0 Token Vault

    import { tool } from 'ai';
    import { z } from 'zod';
    import { addHours, formatISO } from 'date-fns';
    // auth0AI, getRefreshToken, getAccessToken and getGoogleCalendar are
    // helpers whose definitions the slide does not show.

    // Connection for Google services
    export const withGoogleConnection = auth0AI.withTokenForConnection({
      connection: 'google-oauth2',
      scopes: ['https://www.googleapis.com/auth/calendar.events'],
      refreshToken: getRefreshToken,
    });

    // Wrapped tool
    export const checkUsersCalendarTool = withGoogleConnection(
      tool({
        description: 'Check user availability on a given date time on their calendar',
        parameters: z.object({ date: z.coerce.date() }),
        execute: async ({ date }) => {
          // Get the access token from Auth0 AI
          const accessToken = await getAccessToken();

          // Google SDK
          const calendar = getGoogleCalendar(accessToken);
          // Assumption: the client returned above already carries the access
          // token, so no separate `auth` object is passed to the query.
          const response = await calendar.freebusy.query({
            requestBody: {
              timeMin: formatISO(date),
              timeMax: addHours(date, 1).toISOString(),
              timeZone: 'UTC',
              items: [{ id: 'primary' }],
            },
          });

          // Number of busy slots found in the requested hour.
          return response.data?.calendars?.primary?.busy?.length;
        },
      }),
    );

Human-in-the-loop?
Async Authorizations with CIBA
Client-Initiated Backchannel Authentication Flow

Async AuthZ with Auth0

    import { tool } from 'ai';
    import { z } from 'zod';
    // auth0AI, getUser, getCIBACredentials and AccessDeniedInterrupt are used
    // below; the slide does not show where they are imported from.

    export const withAsyncAuthorization = auth0AI.withAsyncUserConfirmation({
      userID: async () => {
        const user = await getUser();
        return user?.sub as string;
      },
      // Displayed to the user together with the approval request.
      bindingMessage: async ({ product, qty }) => `Do you want to buy ${qty} of ${product}`,
      scopes: ['openid', 'product:buy'],
      audience: process.env['AUDIENCE']!,
      onUnauthorized: async (e: Error) => {
        if (e instanceof AccessDeniedInterrupt) {
          return 'The user has denied the request';
        }
        return e.message;
      },
    });

    export const shopOnlineTool = withAsyncAuthorization(
      tool({
        description: 'Tool to buy products online',
        // priceLimit is declared in the schema because execute() reads it.
        parameters: z.object({
          product: z.string(),
          qty: z.number(),
          priceLimit: z.number().optional(),
        }),
        execute: async ({ product, qty, priceLimit }) => {
          const credentials = getCIBACredentials();
          const accessToken = credentials?.accessToken;
          // Use access token to call first party APIs
          return `Ordering ${qty} ${product} with price limit ${priceLimit}`;
        },
      }),
    );

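In the CIBA flow named on these slides, the client polls the token endpoint until the user answers the approval request. The code below is an added example (not from the deck or the Auth0 SDK) of handling each poll-mode response so that a denied or expired request ends the tool call instead of being retried; the grant type, error codes and 5-second defaults follow OpenID Connect CIBA Core, while `nextStep`, `simulate` and the sample responses are constructed for illustration.

```javascript
// Added example: client-side handling of CIBA poll-mode token responses.
// All request ids, tokens and response sequences here are constructed data.
const CIBA_GRANT = 'urn:openid:params:grant-type:ciba';

// Form body the agent backend POSTs to the token endpoint on every poll.
function tokenRequestBody(authReqId) {
  return new URLSearchParams({ grant_type: CIBA_GRANT, auth_req_id: authReqId }).toString();
}

// Decide what to do with one token-endpoint response.
function nextStep(state, res) {
  if (res.access_token) return { ...state, done: true, outcome: 'approved', token: res.access_token };
  switch (res.error) {
    case 'authorization_pending': // user has not answered yet: keep polling
      return state;
    case 'slow_down': // server asks the client to back off by at least 5 s
      return { ...state, interval: state.interval + 5 };
    case 'access_denied': // user rejected the request shown with the binding message
      return { ...state, done: true, outcome: 'denied' };
    case 'expired_token': // auth_req_id outlived expires_in
      return { ...state, done: true, outcome: 'expired' };
    default: // any other error is final: stop instead of retrying blindly
      return { ...state, done: true, outcome: 'error' };
  }
}

// Run the poll loop over a scripted list of responses with a simulated clock.
// `ack` is the backchannel authentication response (auth_req_id, expires_in, interval).
function simulate(ack, responses) {
  let state = { interval: ack.interval ?? 5, done: false, outcome: null, token: null };
  let elapsed = 0;
  let polls = 0;
  for (const res of responses) {
    elapsed += state.interval; // wait one interval before each poll
    if (elapsed >= ack.expires_in) return { outcome: 'expired', polls, elapsed, token: null };
    polls += 1;
    state = nextStep(state, res);
    if (state.done) return { outcome: state.outcome, polls, elapsed, token: state.token };
  }
  return { outcome: 'pending', polls, elapsed, token: null };
}

const ack = { auth_req_id: 'constructed-req-1', expires_in: 60, interval: 5 };
console.log(tokenRequestBody(ack.auth_req_id));
console.log(simulate(ack, [
  { error: 'authorization_pending' }, { error: 'slow_down' }, { access_token: 'constructed-token' },
]));
```

Only the `approved` outcome should let the tool's `execute` proceed; every other outcome is a reason to return a refusal to the agent.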
Assistant0: github.com/auth0-samples/auth0-assistant0
Auth for GenAI: a0.to/ai-event
AI Content from Auth0: https://auth0.com/blog/ai/
Thank You