I’ve been digging into Agent Identity, authentication/authorization patterns, and how it fits in with existing technology patterns (OAuth 2.0, OIDC, SPIFFE, etc) and where it may need new solutions. Someone made a point around identity and delegation to me recently that shines a bit of reality on this area:
