Working implementation 🚀 of Just-In-Time (#JIT) #Authorization for #AI #Agents
Our pattern, MCP-Native Authorization (MCP-NA), combines #OAuth 2.0 first-party interactive flows with #MCP #elicitation metadata to enable AI agents to orchestrate Human-In-The-Loop (#HITL) steps
Copilot MCP App demo👇
When you hear:
> I just vibe-coded and shipped a critical app to prod in 5 min
Missing: AuthN #OAuth #OIDC #Passkeys
No FGA (#OpenID #AuthZEN)
No Zero Trust principles
No multiple PEPs
No JIT AuthN/Z
No standards. No controls. No boundaries
And that’s just the start
The vibe-coded app security:
👀 at the #TwoGenIdentity #AuthZEN MCP Gateway with our new #Keycloak MCP app
See how #security #standards protect #AI driven workflows through an interactive UI, enabling an AI assistant to safely perform operations enforced by decoupled authz with #FGA and zero trust principles
youtu.be/V_gmPXFE_JU
Hard week, big wins 💪
• Launched AuthZEN Gateway: standardized API/AI authz
• Added MCP-aware feat for dynamic, context-based policy and FGA enforcement in Live Demo MCP Apps
•Added Live MCP App demo in Claude: secure, interactive AI workflows
Open standards. Secure AI at scale
youtu.be/wegISLqGKF4
Stop rebranding old #IAM problems by adding #AI.
#Agents didn’t create new gaps, they exposed existing ones.
The #standards exist and are battle tested.
The real #issue? Poor implementation and misused specs.
BUT when new #problems arise, #evolve the #standards. Don’t reinvent the wheel
Had a great time speaking at #Authenticate2025 by
@fidoalliance.bsky.social on enhancing UX with Native Authentication & #Passkeys
Shared insights on #identity #standards and how we can improve UX for #authentication & JIT #authorization across apps & #AI platforms with strong security
Excited to speak at @fidoalliance.bsky.social #Authenticate2025 about Native Authentication with #Passkeys
I'll cover in-app authentication & just-in-time authorization with OAuth 2.0 for First-Party Apps and the benefits of an API-first approach across Native, Web & #Agentic #AI platforms
[3/3] Third part: continuing the #AI #Agent demo with #OpenAI gpt-oss-20b
[2/3] Second part: demoing the #AI #Agent in action with #OpenAI gpt-oss-20b
Quick demo our #AI #Agent within the #TwoGenIdentity #Agentic AI platform is now running the open-source model #OpenAI gpt-oss-20b locally with our #Keycloak MCP server
Just chatting:
✅ Identity management actions are done
🔐 Native passkey step is required for critical ops
🤖 LLM runs locally
[1/3]
Sneak peak at #Midpoint #MCP server (Evolveum) for managing Midpoint IGA with natural language via LLMs & AI agents!
🔐 Secured with OAuth 2.0 + Fine-Grained Authz thanks
#OpenFGA
🚀 Developed & maintained by #TwoGenIdentity
Check out the demo using VS Code + Copilot (GPT-4o) to explore IAM use cases
Sneak peek of #Oryon, our #AI agent running on the #Agentic #AI Identity Access Plus platform!
Oryon powers real-world IAM tasks via our #Keycloak #MCP Server - the first agent to handle dynamic #authorization, step-up with #native #passkeys, and deliver a seamless UX.
youtu.be/h7gQoCKnym8
Genuinely impressed by how the #LLM/agent handled OAuth 2.0 use cases. While evolving the #Keycloak #MCP client for creating a client for machine-to-machine use case, it smartly disabled the "Standard Flow" (Authz Code flow) - no need in this case. First real "Wow" 🤯 moment.
This is Part 2 of our series exploring the #Keycloak MCP Server demo.
First look at the #Keycloak MCP server for managing Keycloak with natural language via LLMs & AI agents!
🔧 Built with Spring AI
🔐 Secured with OAuth 2.0 and Fine Grained Authz thanks
#OpenFGA
🧠 Cool demo below with VS Code + Copilot (GPT-4o) showcasing several IAM use cases (Part 1)
