by mooreds 51 days ago
Well, there's the token exchange RFC, which defines on-behalf-of/delegation and impersonation semantics.

https://datatracker.ietf.org/doc/html/rfc8693 has all the details, but here's an example:

   {
      "aud":"https://consumer.example.com",
      "iss":"https://issuer.example.com",
      "exp":1443904177,
      "nbf":1443904077,
      "sub":"user@example.com",
      "act":
      {
        "sub":"admin@example.com"
      }
   }
In this case, the user is user@example.com, but the actor is admin@example.com. (In the agentic case, the actor would be the AI agent.)

Is this kinda what you are looking for?
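
Added example, not part of the comment above: one way a token consumer might read the `act` claim once the signature and top-level claims have been validated, following RFC 8693 section 4.1 (the outermost `act` is the current actor; nested `act` claims are prior actors and are informational only). The function names, the policy table and the `CHAINED` token are assumptions made for illustration.

```python
# Added illustration; assumes signature, iss, aud, exp and nbf were validated upstream.

# Claims from the comment above.
DELEGATED = {
    "aud": "https://consumer.example.com",
    "iss": "https://issuer.example.com",
    "exp": 1443904177,
    "nbf": 1443904077,
    "sub": "user@example.com",
    "act": {"sub": "admin@example.com"},
}
# Constructed sample: a chain where an agent acts after admin@example.com did.
CHAINED = dict(DELEGATED, act={"sub": "agent@example.com",
                               "act": {"sub": "admin@example.com"}})


def actor_chain(claims, max_depth=8):
    """Return actor subjects: current actor first, then prior actors."""
    chain, act = [], claims.get("act")
    while act is not None:
        if not isinstance(act, dict) or not isinstance(act.get("sub"), str):
            raise ValueError("malformed act claim")
        if len(chain) >= max_depth:
            raise ValueError("act chain too deep")
        chain.append(act["sub"])
        act = act.get("act")
    return chain


def is_allowed(claims, policy):
    """Hypothetical policy: maps subject -> set of actors allowed to act for it.

    Per RFC 8693 section 4.1, only the top-level claims and the current
    (outermost) actor are considered; nested actors are informational.
    """
    chain = actor_chain(claims)
    if not chain:
        return True  # assumption: a subject acting directly is allowed
    return chain[0] in policy.get(claims["sub"], set())


if __name__ == "__main__":
    policy = {"user@example.com": {"admin@example.com"}}
    for name, claims in (("delegated", DELEGATED), ("chained", CHAINED)):
        print(name, actor_chain(claims), is_allowed(claims, policy))
```

In the chained token the decision is made on `agent@example.com`, not on the nested `admin@example.com`, so a policy that only lists the admin rejects it.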