OAIAF v0.1.0 Release Notes¶
Release Date: June 29, 2026
This is the initial release of the Open Agentic Identity and Authorization Framework (OAIAF).
Highlights¶
- Five-Layer Identity Stack: Complete architecture for agent identity from lifecycle management through authorization
- Go SDK: Production-ready providers for ID-JAG, AAuth, and AIMS
- SPIFFE Integration: Workload identity support via AIMS provider
- Comprehensive Documentation: Architecture docs, protocol flows, and PIDL diagrams
What's New¶
Core Framework¶
The OAIAF Go SDK provides a unified interface for agent identity and authorization:
import "github.com/aistandardsio/oaiaf"
// Create an agent with identity providers
agent := oaiaf.NewAgent(
oaiaf.WithIDJAG(idjagProvider),
oaiaf.WithAAuth(aauthProvider),
oaiaf.WithAIMS(aimsProvider),
)
Five-Layer Architecture¶
OAIAF implements a layered identity stack:
| Layer | Purpose | Standards |
|---|---|---|
| 1. Lifecycle | Agent provisioning | SCIM, SCIM-Agents |
| 2. Workload | Runtime identity | SPIFFE, WIMSE, AIMS |
| 3. Agent Auth | Agent authentication | AAuth |
| 4. Human Delegation | User identity delegation | ID-JAG, OAuth 2.1 |
| 5. Authorization | Access control decisions | AuthZEN, Cedar, OpenFGA |
Providers¶
Three providers are included in this release:
- ID-JAG Provider: Cross-application identity delegation using JWT assertions
- AAuth Provider: Agent authorization with mission-based consent and HTTP signatures
- AIMS Provider: SPIFFE-based workload identity for agent runtimes
Documentation¶
- Comprehensive architecture documentation covering all five layers
- Protocol flow diagrams using PIDL notation
- MkDocs site with navigation and search
- Ecosystem roadmap with implementation phases
Getting Started¶
Installation¶
Example Usage¶
See the examples/ directory for complete working examples:
examples/basic/- Simple agent with single providerexamples/full-stack/- Agent using all three providers
What's Next¶
See the Ecosystem Roadmap for planned features:
- Phase 1: AuthZEN client for PEP-PDP communication
- Phase 2: Cedar and OpenFGA policy engine integrations
- Phase 3: SCIM-Agents lifecycle management
- Phase 4: Multi-agent orchestration patterns
Links¶
Contributors¶
Thanks to all contributors to this initial release.