Blog
Comparisons, insights, and the landscape of AI agent authentication.
AID 2026 Roadmap: Discovery, RFCs, and the IETF
What we just shipped (RFC 9728/8414 discovery), the standards we anchor to, and what's next for the Agent Identity protocol in 2026.
Why Agents Need Their Own Cryptographic Identity
Most agent-auth proposals model the agent as a session, a client, or a wallet. None give it its own identity. Here's what that costs you — and when it matters.
auth.md and AID: Complementary Layers, Not Competitors
WorkOS auth.md and Agent Identity (AID) solve different problems in AI agent authentication. Here's how they compose — and where each one wins.
Why We Implemented RFC 8628 for Agent Registration
AI agents on headless servers can't receive an admin JWT. We adopted the OAuth 2.0 Device Authorization Grant so agents can request their own registration while keeping humans in control of approval.
AID vs Agent Auth Protocol: Role-Based Simplicity vs Capability-Based Complexity
Two open protocols for AI agent authentication take fundamentally different approaches to authorization. One ships today with four shell scripts. The other is a comprehensive specification still looking for its first implementation.