Skip to content

OAIAF v0.1.0 Release Notes

Release Date: June 29, 2026

This is the initial release of the Open Agentic Identity and Authorization Framework (OAIAF).

Highlights

  • Five-Layer Identity Stack: Complete architecture for agent identity from lifecycle management through authorization
  • Go SDK: Production-ready providers for ID-JAG, AAuth, and AIMS
  • SPIFFE Integration: Workload identity support via AIMS provider
  • Comprehensive Documentation: Architecture docs, protocol flows, and PIDL diagrams

What's New

Core Framework

The OAIAF Go SDK provides a unified interface for agent identity and authorization:

import "github.com/aistandardsio/oaiaf"

// Create an agent with identity providers
agent := oaiaf.NewAgent(
    oaiaf.WithIDJAG(idjagProvider),
    oaiaf.WithAAuth(aauthProvider),
    oaiaf.WithAIMS(aimsProvider),
)

Five-Layer Architecture

OAIAF implements a layered identity stack:

Layer Purpose Standards
1. Lifecycle Agent provisioning SCIM, SCIM-Agents
2. Workload Runtime identity SPIFFE, WIMSE, AIMS
3. Agent Auth Agent authentication AAuth
4. Human Delegation User identity delegation ID-JAG, OAuth 2.1
5. Authorization Access control decisions AuthZEN, Cedar, OpenFGA

Providers

Three providers are included in this release:

  • ID-JAG Provider: Cross-application identity delegation using JWT assertions
  • AAuth Provider: Agent authorization with mission-based consent and HTTP signatures
  • AIMS Provider: SPIFFE-based workload identity for agent runtimes

Documentation

  • Comprehensive architecture documentation covering all five layers
  • Protocol flow diagrams using PIDL notation
  • MkDocs site with navigation and search
  • Ecosystem roadmap with implementation phases

Getting Started

Installation

go get github.com/aistandardsio/oaiaf@v0.1.0

Example Usage

See the examples/ directory for complete working examples:

  • examples/basic/ - Simple agent with single provider
  • examples/full-stack/ - Agent using all three providers

What's Next

See the Ecosystem Roadmap for planned features:

  • Phase 1: AuthZEN client for PEP-PDP communication
  • Phase 2: Cedar and OpenFGA policy engine integrations
  • Phase 3: SCIM-Agents lifecycle management
  • Phase 4: Multi-agent orchestration patterns

Contributors

Thanks to all contributors to this initial release.