OAuth3: Proposed Agent Delegation Model
A proposed standard for AI agent delegation. Scoped permissions, instant revocation, full audit trails.
Status: Draft proposal by Phuc Labs. Not ratified by IETF, W3C, or any standards body. Feedback welcome.
What is OAuth3?
OAuth 2.0 was built for delegated authorization between apps. OAuth3 extends this to AI agents.
OAuth3 is a proposed delegation standard for the AI era. It addresses four critical problems:
How OAuth3 Works
The Four Pillars
Granular Scopes
Not “access all email” but “read emails from boss, never delete any.” Permissions are specific. Agents can’t exceed their mandate.
Explicit Consent
You see exactly what the agent wants. You approve or deny. No silent permissions. No surprise access.
Instant Revocation
Stop trusting an agent? Revoke its access instantly. Tokens die immediately. No waiting for password changes.
Full Audit Trail
OAuth3 is designed to support signed, timestamped action logs. See every action the agent took, when it took it, and why. Architected for FDA Part 11 compliance (customer validation required for full certification).
Why OAuth3 Matters
Existing problem: Today, you either give an agent full access or no access at all.
OAuth3 solution: An OAuth3 token contains three things: scope, TTL, and evidence requirements.
The OAuth3 Token
Notice: the agent can READ inbox but not SEND. It can DRAFT replies but not DELIVER. Every action is logged.
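An added example, not code from the proposal or from Phuc Labs, that models the token described above: the field names and the encoding are assumptions (the page names scope, TTL and evidence requirements but fixes no format), the signing key and timestamps are constructed. Scope gates each action, the TTL expires the token, revocation kills it at once, and every decision, allowed or denied, lands in an HMAC-signed audit log.

```python
import hmac, hashlib, json
from dataclasses import dataclass, field

# Assumed token shape: the page names scope, TTL and evidence requirements but fixes no encoding.
@dataclass(frozen=True)
class AgentToken:
    token_id: str
    scope: frozenset         # allowed actions, e.g. {"inbox:read", "reply:draft"}
    issued_at: int           # epoch seconds
    ttl_seconds: int
    evidence_required: bool  # every action must state a reason, or it is denied

@dataclass
class Authorizer:
    log_key: bytes           # constructed key that signs audit entries
    revoked: set = field(default_factory=set)
    audit_log: list = field(default_factory=list)

    def revoke(self, token_id: str) -> None:
        self.revoked.add(token_id)  # instant: the next check fails, no rotation needed

    def _sign(self, entry: dict) -> str:
        body = json.dumps(entry, sort_keys=True).encode()
        return hmac.new(self.log_key, body, hashlib.sha256).hexdigest()

    def authorize(self, tok: AgentToken, action: str, reason: str, now: int) -> bool:
        # First failing check wins; the order puts revocation ahead of everything else.
        checks = [(tok.token_id in self.revoked, "denied:revoked"),
                  (now > tok.issued_at + tok.ttl_seconds, "denied:expired"),
                  (tok.evidence_required and not reason, "denied:no-evidence"),
                  (action not in tok.scope, "denied:out-of-scope")]
        verdict = next((v for hit, v in checks if hit), "allowed")
        # Audit trail: every decision, allowed or denied, becomes a timestamped signed entry.
        entry = {"ts": now, "token": tok.token_id, "action": action, "reason": reason, "verdict": verdict}
        self.audit_log.append({**entry, "sig": self._sign(entry)})
        return verdict == "allowed"

    def verify_log(self) -> bool:
        # Recompute each signature; an edited or stripped field breaks the check.
        return all(hmac.compare_digest(e["sig"], self._sign({k: v for k, v in e.items() if k != "sig"}))
                   for e in self.audit_log)

def demo():
    # The page's scenario: READ inbox and DRAFT replies allowed, SEND and DELIVER never.
    auth = Authorizer(log_key=b"constructed-demo-key")
    tok = AgentToken("tok-1", frozenset({"inbox:read", "reply:draft"}), 1000, 3600, True)
    verdicts = [auth.authorize(tok, a, "triage boss email", 1500)
                for a in ("inbox:read", "reply:send", "reply:draft", "reply:deliver")]
    auth.revoke("tok-1")
    verdicts.append(auth.authorize(tok, "inbox:read", "triage boss email", 1600))
    return verdicts, auth
```

Running `demo()` yields the verdicts [True, False, True, False, False]: read and draft pass, send and deliver are out of scope, and the final read fails because the token was revoked.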
Ready to Delegate Safely?