AI Agent Identity and Permission Challenges: How Uber and Auth0 Are Rethinking Access Control
Uber recently described an internal architecture for propagating agent identity across multi-agent AI workflows. The design aims to preserve originating user context, agent provenance, and scoped access as agents delegate work and call internal tools. Uber’s case study aligns with Auth0’s argument that AI agents need permission models based on delegated authority, scoped credentials, and explicit human approval boundaries rather than conventional service accounts or broad OAuth scopes.