Website · Documentation · Blog
Agent-first Open Source Identity layer for Agents and Autonomous AI.
It is built for the age of agents and autonomous AI — where agents need to authenticate without browsers, delegate user permissions, talk to each other securely, and plug into MCP servers — while still covering every enterprise IAM need (SSO, RBAC, passkeys, SCIM, and more).
This repository contains the backend service and deployment scripts. The UI lives in a separate repository: authsec-ai/Authsec-ui.
The fastest way to run the full AuthSec stack locally or on a server.
Prerequisites: Docker Engine 24.0+, Docker Compose v2.20+, 4 GB RAM
git clone https://github.com/authsec-ai/authsec-ai.git
cd authsec-ai/scripts
bash setup.shOpen http://localhost once the script finishes.
The script brings up a complete, production-ready stack:
| Service | What it does |
|---|---|
| AuthSec backend | Go binary — auth flows, RBAC, OIDC, SCIM, CIBA, SPIFFE, MCP, migration |
| AuthSec UI | React 19 admin and end-user portal (separate repo, image pulled automatically) |
| Ory Hydra | Standards-compliant OAuth 2.0 / OIDC / SAML server |
| PostgreSQL | Master database + dynamic per-tenant databases |
| Redis | Session cache and rate limiting |
| HashiCorp Vault | Secrets storage for OIDC provider credentials |
| Nginx | Reverse proxy with optional TLS termination |
The script automatically:
- Checks that Docker and Compose are installed
- Asks for your deployment type and admin credentials
- Generates all secrets (JWT keys, encryption keys, Hydra system/cookie secrets)
- Writes a
.envfile - Pulls images and starts all services
- Runs the master database migration
- Creates your first admin account
For manual setup, custom domains, TLS, and production hardening — see scripts/README.md.
Modern AI agents can't open a browser login page. AuthSec supports CIBA (Client Initiated Backchannel Authentication) — an OAuth 2.0 extension (RFC 9126) that decouples where authentication is initiated from where the user approves it.
With CIBA:
- An agent initiates an auth request on behalf of a user using a channel for example voice
- The user receives an out-of-band prompt (voice call, push notification, SMS) to approve on a mobile app
- The agent receives tokens once the user approves — no browser redirect, no UI required
This powers voice-activated agents or other form of agents which do not need a web browser to operate: a user speaks a command, the agent triggers CIBA, the user confirms by voice, and the agent gets a scoped access token — all without a browser.
Resources: Documentation · Demo Video (coming soon) · Blog
When one agent needs to call another service or agent, you need a zero-trust, standards-based way to prove identity without managing static credentials.
AuthSec implements SPIFFE (Secure Production Identity Framework for Everyone) — each agent or workload gets a cryptographically verifiable SVID (SPIFFE Verifiable Identity Document). Authorization between agents uses these short-lived, automatically rotated identities.
- No API keys or shared secrets between services
- Works across clouds: native federation with AWS IAM, Azure AD, and GCP IAM
- Fine-grained RBAC/ABAC policies on top of workload identity
Agents that act on behalf of users need scoped, time-limited delegated credentials — not the user's full session. AuthSec provides token exchange and delegation flows that let you issue an agent a narrowly scoped JWT derived from the user's authenticated session, so agents can act autonomously without over-privileged access.
AuthSec provides built-in authentication and authorization for Model Context Protocol (MCP) servers. Agents connecting to MCP tools go through AuthSec to get verified, scoped tokens — ensuring every tool call is authenticated, audited, and permission-checked.
Full enterprise SSO for your users and workforce:
- SAML 2.0 identity provider and service provider flows (via Ory Hydra)
- OIDC federation — connect Google, GitHub, Microsoft, Okta, and any standards-compliant IdP
- AD / Microsoft Entra ID sync (LDAP + SCIM 2.0)
- Multi-tenant: each tenant gets isolated identity databases and configurable IdPs
If you want to develop or run only specific parts of the stack:
Backend only (Go 1.25+, PostgreSQL 14+):
cd authsec
cp .env.example .env
# Edit .env — set DB_* credentials and required secrets
go build -o authsec ./cmd/
./authsec
# API at http://localhost:7468Frontend only (Node.js >= 20, npm >= 10) — the UI is in a separate repository:
git clone https://github.com/authsec-ai/Authsec-ui.git
cd Authsec-ui
npm install
npm run build
export VITE_API_URL=http://localhost:7468
node server.js
# UI at http://localhost:3000Detailed setup instructions, environment variable references, and API docs:
- authsec/README.md — Backend
- Authsec-ui README — Frontend (separate repo)
- scripts/README.md — Deployment
- scripts/TROUBLESHOOTING.md — Common issues
Voice auth uses the CIBA flow. Once AuthSec is running:
- Register your agent as an OAuth2 client with
urn:openid:params:grant-type:cibagrant type enabled - Configure your Twilio credentials in
.env(TWILIO_ACCOUNT_SID,TWILIO_AUTH_TOKEN,TWILIO_FROM_NUMBER) - The agent calls
POST /authsec/uflow/ciba/initiatewith the user's identifier - AuthSec places a voice call to the user for approval
- Poll
POST /oauth2/tokenwithgrant_type=urn:openid:params:grant-type:cibauntil approved - Use the returned access token for subsequent API calls
See the CIBA API reference for full request/response examples.
AuthSec issues SPIFFE SVIDs to workloads so agents can call each other without static secrets.
- Enable the SPIRE module — set
ICP_SERVICE_URLin.env - Register each agent/service as a workload entry via
POST /authsec/spire/workloads - Each workload fetches its SVID from the SPIFFE Workload API
- Services validate incoming requests by verifying the SVID against the trust domain
- Apply RBAC/ABAC policies on workload identity via
POST /authsec/spire/policies
For cloud-native workloads, configure AWS/Azure/GCP federation so cloud-issued identities map to SPIFFE SVIDs automatically.
See the SPIRE module docs for workload registration and policy setup.
- Open the AuthSec admin UI at
http://localhost - Navigate to Identity Providers → Add Provider
- Choose SAML 2.0 or OIDC and fill in the provider metadata
- For OIDC providers: set
GOOGLE_CLIENT_SECRET,GITHUB_CLIENT_SECRET, orMICROSOFT_CLIENT_SECRETin.envfor social login - For SAML: upload the IdP metadata XML and download the AuthSec SP metadata to register with your IdP
- For AD / Entra ID sync: configure LDAP host or SCIM endpoint and set
SYNC_CONFIG_ENCRYPTION_KEY
See authsec/README.md for OIDC config manager and SCIM 2.0 API details.
- Register your MCP server as an OAuth2 client:
POST /authsec/clientms/clientswith appropriate scopes - Set
ICP_SERVICE_URLin.envto point to your MCP coordinator - Use the SDK manager endpoints (
/authsec/sdkmgr/) to create agent entries and issue scoped tokens - Agents authenticate to MCP via
POST /authsec/sdkmgr/agents/tokenand present the JWT to your MCP server - MCP server validates tokens via
GET /authsec/authmgr/token/verifyor the JWKS endpoint at/.well-known/jwks.json
See the SDK Manager docs for agent registration and token flows.
Join the conversation, ask questions, and share what you're building:
Discord (invite link coming soon)
We welcome contributions of all kinds — bug fixes, features, docs, and examples.
- Fork the relevant repository and create a branch from
main - For backend changes: fork authsec-ai/authsec-ai and work in authsec/ — follow existing Go conventions
- For frontend changes: fork authsec-ai/Authsec-ui — run
npm run lintandnpm run type-checkbefore submitting - For deployment changes: work in scripts/
- Add or update tests for your changes
- Open a pull request with a clear description of what and why
Bug reports and feature requests:
- Backend / deployment: authsec-ai/authsec-ai Issues
- Frontend: authsec-ai/Authsec-ui Issues
AuthSec is licensed under the Apache 2.0 License.