SOFIAH NICHOLE SALIVIO
Information Editor
Keycard has launched Keycard for Multi-Agent Apps, extending its identification and entry platform to autonomous software program methods.
The launch targets a rising space of AI software program design by which builders use a number of specialised brokers to hold out duties throughout enterprise capabilities akin to software program growth, operations, gross sales, advertising and finance. The brand new providing is designed to handle how these brokers determine themselves and procure entry as they hand work between each other.
Many groups constructing agent-based methods nonetheless depend on shared API keys, inherited credentials or persistent entry to attach instruments and brokers. That may depart software program with broader permissions than a particular activity requires, notably as AI brokers start to behave with much less direct human oversight.
Keycard’s system offers every agent a definite identification and ties entry to a particular session and activity somewhat than granting everlasting privileges. Every motion might be attributed throughout customers, brokers and methods, with entry narrowed as duties transfer by a sequence of brokers.
Builders can use software program growth kits for Python and TypeScript to construct brokers and instruments on the platform. An agent receives its identification by runtime attestation when it begins, and a session is then created when a consumer or one other agent initiates a activity.
The product helps three delegation fashions: brokers performing on their very own behalf throughout workflows; brokers performing on behalf of individuals or different brokers by express delegation; and brokers impersonating different brokers or people inside coverage limits for particular operational duties.
Authentication and coverage checks are constructed into token exchanges between brokers utilizing the OAuth 2.0 Token Trade customary. This lets permissions shrink at every step of a workflow in order that no agent holds extra entry than the duty or coverage permits, whereas tokens stay traceable, revocable and sure to the session.
In sensible phrases, Keycard is pitching the product at organisations making an attempt to maneuver from single AI assistants to networks of software program brokers that decision different brokers and instruments. That shift has created safety and governance questions for companies that need brokers to finish work with out opening unrestricted paths into inside methods, databases and third-party functions.
“Enterprises are rebuilding enterprise capabilities round AI brokers. Proper now the builders constructing these methods have to decide on: give brokers broad entry they usually’re ungovernable or lock them down and lose what makes them priceless,” stated Ian Livingstone, Co-Founder and Chief Govt Officer, Keycard.
“Brokers constructed utilizing Keycard do not expertise this trade-off, as they’ve their very own identification, delegate entry per-task and function with no standing privileges or static credentials,” Livingstone stated.
The identical identification mannequin can be used to attach brokers to APIs, databases and software-as-a-service platforms. Insurance policies set by builders and safety groups decide which assets an agent can entry, what it could possibly delegate and the way far these permissions can prolong by a sequence of duties.
Any coverage change triggers revocation throughout affected brokers and periods. The platform additionally manages token issuance, storage, rotation, attenuation and revocation, eradicating the necessity for builders to handle tokens immediately.
Buyer instance
Keycard included an instance from Chime, which has used the platform in manufacturing environments.
“We wished our engineers deploying brokers and instruments into manufacturing while not having to be safety or identification consultants. Keycard’s platform made that attainable. We had brokers working in opposition to manufacturing methods in days,” stated Dennis Yang, Principal Product Supervisor for Generative AI, Chime.
Keycard stated the product works throughout cloud suppliers and utility environments together with AWS, GCP, Azure, Vercel, Cloudflare and Fly.io. It is usually designed to work with agent frameworks and protocols together with LangChain, Mastra, MCP, A2A and OAuth 2.1, in addition to fashions and instruments akin to ChatGPT, Claude, Codex, OpenClaw and Pi.
The broader platform helps identification federation and monitoring by OIDC, SCIM and audit logging throughout agent interactions. Keycard positioned the launch as a part of the identical platform used for its coding-agent product, providing one system for organisations in search of to construct, deploy and govern AI brokers and join them to enterprise companies.
Keycard for Multi-Agent Apps is offered in early entry.