Every agent on a short leash.
An agent with a standing API key is a breach waiting to be replayed. OrthID gives every non-human identity scoped credentials, on-behalf-of delegation, and an audit trail - so nothing acts without a reason and a receipt.
Standing access is the risk.
Agents are spun up fast and forgotten faster. The long-lived key in an environment variable is the one nobody rotates - and the one an attacker wants most. The fix isn’t a better secret. It’s no standing secret at all.
An agent borrows exactly what a single task needs - imaging:read, not the keys to the org.
OAuth token exchange (RFC 8693) issues the token with the human as its subject and an act claim naming the agent - provable provenance back to the person who authorised it.
The gateway holds the secrets and mints short-lived tokens. The agent gets a leash, never the key.
Tokens live for minutes and die on their own. Revoke a fleet instantly when something looks wrong.
Humans and agents land in the same tamper-evident log. Who, on whose behalf, with what scope, when.
Agents are real identities with lifecycle, owners and policy - not anonymous keys hiding in a config file.
Borrowed access, with provable provenance.
The agent never sees a long-lived secret. It exchanges a request for a short-lived token, scoped to one task and stamped with the user it acts for. When the task ends, so does the access - and the act claim is sealed to the audit trail.
```javascript
const token = await orthid.agents.exchange({
  // who authorised this run
  actor: "usr_4Qd2",
  grant: "on-behalf-of",
  scope: ["imaging:read"],
  ttl: 300, // 5 minutes, then dead
});
// → sub: usr_4Qd2, act claim: this agent · scope sealed to audit
```
Let the agents work. Keep the leash.
Scoped, on-behalf-of credentials with one audit trail for every identity - human or not.