{"slug":"what-login-means-for-an-autonomous-agent","title":"What \"login\" means for an autonomous agent","kind":"Note","blurb":"Delegated, revocable agent credentials, and why session models break when the user is a process.","published":"2026-04-18","board":"identity-for-two-readers","cite_as":"Xooplab (2026). \"What 'login' means for an autonomous agent.\" xooplab.com/publications/what-login-means-for-an-autonomous-agent","read_minutes":5,"claims":[{"id":"what-login-means-for-an-autonomous-agent#claim-1","text":"OAuth scopes today are coarse enough that the user approves the agent's full surface area in one click."},{"id":"what-login-means-for-an-autonomous-agent#claim-2","text":"Revocation needs to be immediate AND partial: kill one rogue agent without logging out the human or breaking unrelated agents."},{"id":"what-login-means-for-an-autonomous-agent#claim-3","text":"Credentials must survive a clean agent-process restart without losing scope or audit lineage — implying issuer-side state, not agent-side memory."},{"id":"what-login-means-for-an-autonomous-agent#claim-4","text":"Scope grammar should compose at request time (\"this call, read only, $50 max\") and remain legible to a non-technical user."}],"url":"https://xooplab.com/publications/what-login-means-for-an-autonomous-agent"}