This paper proposes a portable authorization standard for autonomous AI agents operating across organizational boundaries. The idea is that identity alone isn't enough—agents need explicit, auditable, revocable authority tokens that specify what they're allowed to do, with constraint algebra and fail-closed semantics. The model separates credential containers (like JWTs or Verifiable Credentials) from the authorization payload itself, enabling consistent enforcement across trust boundaries.
Main takeaways:
- Autonomous enterprise agents need more than identity; they need machine-readable authority scopes that other systems can audit and enforce without human oversight.
- Existing identity standards (OAuth, JWTs) don't cleanly express delegation, attenuation (narrowing permissions when passing authority along), or governed semantic resolution.
- The proposed model uses typed constraint algebra, decision-consistent evaluation, and fail-closed processing, meaning ambiguous or unverifiable requests are denied by default.
- Authority payloads are issuer-authored and portable across different credential formats (JWT, Verifiable Credentials, OAuth RAR).
- Use cases include insurance claims and supply chain, where agents negotiate outcomes and execute workflows across organizational boundaries.