Show HN: Agentic Power of Attorney (APOA) – An open standard for AI agent auth

[juanfiguera]

"Buy me a house. Budget $475K. Good school district. Handle it." That's where AI agents are headed. One already bought someone a car last month, negotiating $4,200 off across dealerships via email. Its entire authorization framework was a prompt: "ask me before doing anything consequential." It also sent a confidential email to the wrong person.

APOA is the missing infrastructure: an open standard for formally delegating bounded authority to AI agents. Scoped permissions, audit trails, instant revocation, credential isolation. Builds on OAuth 2.1, JWT, ZCAP-LD.

Working draft, Apache 2.0. Looking for feedback from anyone building agent infrastructure or working on auth standards. Please poke holes at it!