Eazo Agent Kit

Identity GenAuth

Give your agent its own identity.
Not your user's.

GenAuth maps human authority into scoped, revocable agent capabilities. Token Exchange, OAuth2 M2M, RBAC + ReBAC, MCP gateway — pre-wired and governed. Your agent calls Gmail with its own credentials, never the user's password.

The choice

Why it exists

Without it: the hard way

Without it, agents borrow user tokens or run with root credentials. Prompt injection leaks them. One stolen agent = one compromised user. Audit logs can't tell "who actually did this" when every action carries the same human OAuth scope.

With it: production-grade

Your agent gets its own short-lived digital badge — scoped, revocable, and audited per delegation. Gateway-level enforcement physically blocks privilege escalation, even when the LLM hallucinates. 30+ tools (Gmail, GitHub, Notion) are wired up as MCP tools, ready to call.

MCP ecosystem

One identity layer for every tool your agent touches.

GenAuth sits between agent intent and tool execution. It grants the minimum capability needed for the task, then records the full chain from human approval to third-party API result.

30+ MCP tools · 15m token TTL · 0 shared passwords

GenAuth policy gateway

Google: calendar.write
Slack: chat.post
GitHub: issues.comment
Notion: pages.update
Gmail: mail.send
Salesforce: crm.read
Linear: ticket.create
Drive: files.read

Real workflow

Turn vague agent intent into governed, reviewable action.

The agent never borrows the user's login. It asks for one scoped badge, uses it across MCP tools, and leaves an audit trail a human can replay.

AI agent

Move next Tuesday's partner call to a free slot and email everyone.

I need temporary calendar and Gmail access for this task.

Ask GenAuth for delegation

Delegation request: Partner call reschedule

H: Alice Chen
Agent: Scheduler
Expires: 15 minutes
Scopes: calendar.events.write, gmail.messages.send

Execution

Find free slots: allowed
Create calendar event: allowed
Draft invite email: allowed

Tuesday · 2:30 PM · Partner call

Identity controls

Authentication patterns without rebuilding the auth product.

Keep your branded login and enterprise controls, then extend them to agents: MFA, policy conditions, scoped sessions, and capability review all live in one model.

MFA policy: Step-up when risk changes

Ask for proof only when a task crosses a boundary.

Policy builder
Start → If scope includes mail.send → Require approval → Record outcome

How it works

[Diagram: request, allowed, execute]

AI agent (no root credentials): "Schedule a meeting and email the invite list." Needs delegated access (calendar.read + gmail.send) and asks GenAuth for a badge.
GenAuth: scope check, policy + RBAC. Issues a short-lived token (scoped · revocable · audited).
MCP tools (approved actions only): Google Calendar calendar.events.write, Gmail gmail.messages.send, Notion pages.update, GitHub issues.comment.
Audit trail: human=Alice · agent=scheduler · scope=calendar.write,gmail.send · expires=15m

  1. User issues an intent. The agent runs locally with no credentials.
  2. Agent requests a delegated token from GenAuth, scoped to one task.
  3. GenAuth issues a short-lived token after policy + scope checks.
  4. MCP Gateway proxies the API call (Gmail, GitHub, ...) using that token.
  5. Every step is logged. The audit trail names the human, agent, and scope.
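The five steps above, modelled as an added example; this is not GenAuth's code, API or token format. The `Delegation` and `Gateway` classes and the tool names are hypothetical, and the scope names are the ones shown on this page. It shows the gateway failing closed on scope, expiry, revocation and unmapped tools, and logging every decision.

```python
import time
from dataclasses import dataclass, field

# Hypothetical tool names mapped to the scope names shown on this page.
TOOL_SCOPES = {
    "calendar.create_event": "calendar.events.write",
    "gmail.send": "gmail.messages.send",
    "notion.update_page": "pages.update",
    "github.comment": "issues.comment",
}

@dataclass
class Delegation:  # hypothetical badge record, not GenAuth's token format
    human: str
    agent: str
    scopes: frozenset
    expires_at: float
    revoked: bool = False

@dataclass
class Gateway:  # hypothetical policy gateway
    audit: list = field(default_factory=list)

    def issue(self, human, agent, scopes, ttl=15 * 60, now=None):
        now = time.time() if now is None else now
        return Delegation(human, agent, frozenset(scopes), now + ttl)

    def authorize(self, badge, tool, now=None):
        now = time.time() if now is None else now
        required = TOOL_SCOPES.get(tool)
        if required is None:
            outcome = "denied:unknown_tool"  # fail closed on unmapped tools
        elif badge.revoked:
            outcome = "denied:revoked"
        elif now >= badge.expires_at:
            outcome = "denied:expired"
        elif required not in badge.scopes:
            outcome = "denied:scope"
        else:
            outcome = "allowed"
        # Every decision is logged with the human, agent and scope.
        self.audit.append({"human": badge.human, "agent": badge.agent,
                           "tool": tool, "scope": required, "outcome": outcome})
        return outcome == "allowed"

def demo():
    gw, t0 = Gateway(), 1_000_000.0  # constructed clock value
    badge = gw.issue("Alice", "scheduler",
                     ["calendar.events.write", "gmail.messages.send"], now=t0)
    calls = [("gmail.send", 60), ("github.comment", 60), ("gmail.send", 901)]
    return [gw.authorize(badge, tool, now=t0 + dt) for tool, dt in calls], gw.audit
```

The second call is refused because `issues.comment` was never delegated, and the third because the 15-minute badge has expired, whatever the model asked for.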

What you can do

Three capabilities. One SDK call away.

Delegated badges

Token Exchange and OAuth2 M2M, pre-wired. Each agent gets a short-lived credential — scoped to one task, revoked the moment the task ends.


Gateway enforcement

RBAC and ReBAC checks happen at the network edge. The LLM cannot escalate privilege by hallucinating — the gateway denies it before the call leaves your VPC.


Replayable audit

Every delegation, every call, every outcome lands in an immutable timeline. Name the human, the agent, the scope, the result — compliance-ready out of the box.


Code samples and the full API live in the docs. This page tells you why; docs tell you how.