Skip to content

Agent And MCP Auth

Use this page when an AI agent, tool runner, or MCP server needs controlled access to APIs or tools through SigID.

This is optional for normal user login. Start here only when your product has agents, delegated actions, tool calls, or MCP servers.

What SigID Adds For Agents

SigID can represent agents as scoped principals. That means your backend can distinguish:

  • a human user acting directly
  • an agent acting under policy
  • a delegated call approved or triggered by a human
  • a tool or MCP server request that must be checked before it runs

Agent Integration Path

  1. Decide what the agent is allowed to do.
  2. Register or identify the agent in the workspace or tenant.
  3. Request delegated access only for needed scopes.
  4. Validate agent or delegated tokens at every backend boundary.
  5. Log subject ID, tenant ID, tool name, request ID, and decision.
  6. Keep approval, audit, and revocation paths visible to operators.

MCP Server Pattern

Protect MCP tool calls the same way you protect backend APIs:

  • require a valid bearer token
  • validate issuer, audience, tenant, expiry, scopes, and subject type
  • distinguish human-triggered delegated access from autonomous agent access
  • reject unknown or overbroad scopes
  • log decisions without logging raw tokens or secrets

For protocol-level delegated access, see OAuth And OIDC. For token details, see Claims And Scopes.

Detailed Agent Reference

For depth beyond the integration path above, these reference pages cover each agent surface in detail: