Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Authentication

Pattern

A reusable solution you can apply to your work.

Also known as: AuthN, Identity Verification

Context

This is a tactical pattern. Whenever a request crosses a trust boundary, the first question is: who is making this request? Authentication answers that question. It establishes identity, nothing more. It doesn’t decide what the actor is allowed to do; that’s authorization.

In agentic workflows, authentication applies to agents as well as humans. When an AI agent calls an API on your behalf, the API needs to know who (or what) is making the request and whether that identity is legitimate.

Problem

Systems serve multiple actors: users, services, agents, automated jobs. Each should be treated according to its identity, but identity can be faked. An attacker who impersonates a legitimate user gains that user’s access. How do you reliably establish who is acting before deciding what they’re allowed to do?

Forces

  • Stronger authentication (hardware keys, for example) is more secure but creates friction for users.
  • Passwords are familiar but routinely compromised through phishing, reuse, and weak choices.
  • Machine-to-machine authentication (API keys, service accounts) must be automated, which means secrets must be managed carefully.
  • Multi-factor authentication increases security but adds complexity and failure modes.

Solution

Require every actor to prove its identity before granting access. The proof can take several forms, often combined:

  • Something you know: a password or passphrase.
  • Something you have: a hardware key, a phone receiving a one-time code, or an API token.
  • Something you are: a biometric like a fingerprint.

For human users, the modern standard is a strong password combined with a second factor. For machine-to-machine communication, use short-lived tokens (like OAuth access tokens or JWTs) rather than long-lived API keys where possible. For AI agents acting on behalf of users, use scoped tokens that grant only the permissions the agent needs, connecting authentication directly to least privilege.

Authentication should happen at the boundary, not deep inside the system. Verify identity once at the entry point, then pass a verified identity token through internal layers rather than re-authenticating at every step.

How It Plays Out

A developer builds a REST API and protects it with API keys. Each client includes its key in the request header. This works until one key is accidentally committed to a public repository. Because the key grants full access and never expires, the attacker has everything. Switching to short-lived OAuth tokens with automatic rotation would limit the damage from any single leaked credential.

An agentic coding tool needs to access a developer’s GitHub repositories. Rather than receiving the developer’s password, it uses an OAuth flow: the developer authorizes the agent through GitHub’s UI, and the agent receives a scoped token that can read repositories but can’t delete them or access billing. The agent’s identity is established, and its access is limited by design.

Tip

When setting up an AI agent with access to external services, always use scoped tokens rather than your personal credentials. If the agent’s session is compromised, the damage stays bounded.

Example Prompt

“Set up OAuth 2.0 authentication for the GitHub integration. Use scoped tokens — the agent should be able to read repositories and open pull requests but not delete branches or access billing.”

Consequences

Proper authentication means access control decisions are based on real identities rather than assumptions. It creates an audit trail: you can log who did what. It lets authorization work correctly, since permission checks are meaningless without verified identity.

The costs include user friction (login flows, password resets, MFA prompts), engineering effort (token management, session handling, credential storage), and operational burden (monitoring for compromised credentials, rotating secrets). Authentication systems are also high-value targets. A flaw in your login flow can compromise every account in your system.

  • Enables: Authorization. You must know who someone is before deciding what they can do.
  • Uses: Secret. Credentials are secrets that must be protected.
  • Uses: Trust Boundary. Authentication happens at trust boundaries.
  • Refined by: Least Privilege. Authenticated identities should receive minimal permissions.