Confused by inbound vs. outbound authentication for agents? You're not alone. This Level 300 session demystifies OAuth flows and agent identity patterns through the lens of a practitioner's learning journey. Explore the differences between SPA (single-page web app) and agent authentication, then dive into AgentCore's inbound/outbound auth with Runtime and Gateway. Through live code demonstrations of 3-legged OAuth flows, you'll see exactly how agents authorize actions on behalf of users. Leave with working code examples from aws-samples and practical implementation insights to accelerate your agent development. Part of the AgentCore session track.
What this session is about
Live updates related to this session
Sourced via Parallel AI Monitor, a continuous web watch on 21 topical streams.
- composio.dev high confidence Agent governance & policy gating
MCP Gateway Governance: The Invisible Layer That ...
Merge.dev launched Merge Gateway and the Merge Agent Handler, acting as a control plane for production AI by replacing multiple MCP servers with a single secure layer for authentication and operation.
- anthropic.com high confidence Agent safety & prompt injection
AI policy \ Anthropic
- thehackernews.com high confidence Agent safety & prompt injection
AutoJack Attack Lets One Web Page Hijack AI Agent for Host ...
Security Incident: The 'AutoJack' attack allows a web page to hijack an AI browsing agent to achieve remote code execution (RCE) on the host machine. Risk: By steering an agent to a malicious page, attackers can exploit a lack of authentication and improper command validation in
- aithority.com high confidence Agent governance & policy gating
Operant AI Launches MCP Gateway: Enterprise-Grade Runtime ...
- dev.to high confidence Agent identity & delegation
AI Agent Authentication & Authorization Deep Dive: Reading ...
The 'Delegation Chain' pattern has been published/detailed in the Encyclopedia of Agentic Coding Patterns. It describes the flow of authority from humans through subagents and defines the risks of authority amplification, misdirection, and loss of traceability. It references Shan
External links matched to this session via topic relevance. The KB does not endorse third-party content; verify before citing.