kahalewai/agbac
AGent Based Access Control (AGBAC) is is an open, vendor-neutral security specification that defines how AI agents securely perform actions on behalf of humans using existing IAM technologies
Implements a dual-subject authorization model leveraging OAuth2 Token Exchange (RFC 8693) to enforce independent authorization of both AI agents and human users before action execution. Integrates seamlessly with existing enterprise IAM solutions—Okta, EntraID, Auth0, Keycloak—without introducing new token formats or cryptographic primitives. Includes threat modeling aligned with OWASP Top 10 LLM risks and NIST 800-207 Zero Trust, plus a reference Dual Auth library for immediate adoption.
Stars
7
Forks
8
Language
—
License
Apache-2.0
Category
Last pushed
Feb 28, 2026
Commits (30d)
0
Get this data via API
curl "https://pt-edge.onrender.com/api/v1/quality/agents/kahalewai/agbac"
Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.
Featured in
Higher-rated alternatives
microsoft/agent-governance-toolkit
AI Agent Governance Toolkit — Policy enforcement, zero-trust identity, execution sandboxing, and...
ucsandman/DashClaw
🛡️Decision infrastructure for AI agents. Intercept actions, enforce guard policies, require...
vstorm-co/pydantic-ai-middleware
Middleware layer for Pydantic AI — intercept, transform & guard agent calls with 7 lifecycle...
mattijsmoens/sovereign-shield
AI security framework: tamper-proof action auditing, prompt injection firewall, ethical...
Dicklesworthstone/destructive_command_guard
The Destructive Command Guard (dcg) is for blocking dangerous git and shell commands from being...