User-delegated access Machine-to-machine auth Choosing the right authentication pattern

Supported authentication patterns

AgentCore Identity supports two primary authentication patterns that address different agent use cases. Understanding these patterns will help you choose the right approach for your specific agent implementation.

For detailed examples of how these patterns apply to specific industries and agent types, see Example use cases.

Topics

User-delegated access (OAuth 2.0 authorization code grant)
Machine-to-machine authentication (OAuth 2.0 client credentials grant)
Choosing the right authentication pattern

User-delegated access (OAuth 2.0 authorization code grant)

The OAuth 2.0 authorization code grant flow enables agents to access user-specific data with explicit user consent. This pattern is essential when agents need to access personal data or perform actions on behalf of specific users. The flow includes a user consent step where the resource owner (user) explicitly authorizes the agent to access their data within specific scopes.

Key characteristics:

Requires explicit user consent through an authorization prompt
Provides access to user-specific data and resources
Maintains clear separation between agent identity and user authorization
Supports fine-grained scopes that limit what data the agent can access

Example scenario: A productivity agent needs to access a user's Google Calendar to schedule meetings, their Gmail to send emails, and their Google Drive to store documents. The agent uses the OAuth 2.0 authorization code grant to obtain user consent for each service, with specific scopes that limit access to only the necessary data. The user explicitly authorizes the agent through Google's consent screen, and AgentCore Identity securely stores the resulting credentials for future use.

This pattern is ideal for personal assistant agents, customer service agents, and any scenario where agents need access to user-specific data across multiple services. For detailed industry-specific examples, see Personal assistant agents and Customer service agents.

Machine-to-machine authentication (OAuth 2.0 client credentials grant)

The OAuth 2.0 client credentials grant flow enables direct authentication between systems without user interaction. This pattern is appropriate when agents need to access resources that aren't user-specific or when agents act themselves with pre-authorized user consent.

Key characteristics:

No user interaction or consent required
Agent authenticates directly with resource servers using its own credentials
Suitable for background processes, scheduled tasks, and system-level operations
Permissions are defined at the agent level rather than per-user

Example scenario: An enterprise data processing agent needs to collect data from multiple internal systems, process it, and store the results in a data warehouse. The agent uses the OAuth 2.0 client credentials grant to authenticate directly with each system using its own identity and pre-configured permissions. No user interaction is required, and the agent can operate when agents act themselves with pre-authorized user consent on scheduled intervals.

This pattern is ideal for enterprise automation agents, data processing workflows, and DevOps automation. For detailed industry-specific examples, see Enterprise automation agents, Data processing and analytics agents, and Development and DevOps agents.

Choosing the right authentication pattern

When designing your agent authentication strategy, consider these factors to determine which pattern is most appropriate:

Authentication pattern selection guide
Factor	User-delegated access (OAuth 2.0 authorization code grant)	Machine-to-machine authentication (OAuth 2.0 client credentials grant)
Data ownership	User-specific data (emails, documents, personal calendars)	System or organization-owned data (analytics, logs, shared resources)
User interaction	User is present and can provide consent	No user interaction required or available
Operation timing	Interactive, real-time operations	Background, scheduled, or batch operations
Permission scope	Permissions vary by user and their consent choices	Consistent permissions defined at the agent level

Many agent implementations will require both patterns for different aspects of their functionality. For example, a customer service agent might use user-delegated access to retrieve a specific customer's data while using machine-to-machine authentication to access company knowledge bases and internal systems. AgentCore Identity supports both patterns simultaneously, allowing agents to use the most appropriate authentication mechanism for each resource they need to access.

Both authentication patterns benefit from AgentCore Identity's core capabilities:

Secure credential storage without exposing secrets to agent code
Consistent authentication interfaces across multiple resource types
Comprehensive audit logging for security and compliance
Fine-grained access controls based on identity and context
Simplified integration through the AgentCore SDK

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Managing credential providers

Configure credential provider