AI Agent Security

On March 2, 2026, four engineers from Defakto Security, AWS, Zscaler, and Ping Identity published draft-klrc-aiagent-auth-00 — a 26-page IETF draft that finally gives AI agents a proper identity framework. Called AIMS (Agent Identity Management System), it doesn’t invent new protocols. Instead, it composes SPIFFE, WIMSE, and OAuth 2.0 into a coherent stack that solves the “how do AI agents prove who they are” problem. This matters because the current state of AI agent authentication is dire. An analysis of over 5,200 open-source MCP server implementations found that 53% rely on static API keys, while only 8.5% use OAuth. The AIMS framework provides the architecture to fix this — and with the EU AI Act’s high-risk system requirements taking effect August 2, 2026, the compliance clock is ticking. ...

The Model Context Protocol (MCP) defines how AI agents connect to external tools and data sources. When an MCP client (like Claude Desktop or a custom AI agent) needs to access a protected MCP server, it uses OAuth 2.1 — not OAuth 2.0 — as the authorization mechanism. This article explains exactly how MCP authentication works, what makes it different from traditional OAuth, and which identity providers actually support it. ...