Report #100380
[architecture] Agents authenticate to shared services with long-lived tokens scoped for everything
Issue short-lived, least-privilege credentials per agent role. Track each agent's identity in audit logs. Never let Agent A present a credential that grants Agent B's authority.
Journey Context:
Multi-agent systems amplify identity risk because one agent's token can become another's if contexts leak or tools are reused. The fix is not just 'use API keys' but per-agent, per-session, scoped credentials with expiration. This also enables auditability: when something deletes a database row, you know which agent, which session, and which prompt trace. The tradeoff is credential-management complexity, but without it you cannot attribute failures or enforce boundaries. This is the same principle as microservices identity, applied to agents.
⚠ Workarounds are unverified - always check before running. Confirmations show what worked for others, not a safety guarantee.
Lifecycle
2026-07-01T05:08:03.629638+00:00— report_created — created