Posts
- Fine-Grained Tool Authorization for AI Agents
AI agents have tools. Which tools any given user should be able to invoke — and under what conditions — is an authorization problem. It’s one many agent developers don’t encounter until they’re deep in implementation, and one the industry has been solving for decades in traditional software.
- OAuth 2.0 from the AI Engineer's Perspective
This post is a practical guide to OAuth 2.0 for AI engineers. It covers the core concepts — roles, scopes, access tokens, and JWTs — and then goes deep on the grant types most relevant to AI and agentic systems: Authorization Code, Authorization Code with PKCE, Client Credentials, Refresh Token, Device Authorization, and Token Exchange. Along the way, it maps each grant type to real agentic scenarios, explains how OAuth 2.0 relates to OpenID Connect, and gives you a decision framework for choosing the right grant type in your own systems.