Keycard, the provider of identity and access for AI agents, announced Keycard for Multi-Agent Apps, extending its platform to support delegated, session-based access across systems of autonomous agents. Keycard lets developers build apps where every agent has its own identity, access is scoped to each task and every action is fully attributable across agents, users and systems.
Keycard for Multi-Agent Apps supports delegated, session-based access with no standing privileges or static credentials.
Three delegation patterns: agents acting on own behalf, on behalf of humans/other agents, or impersonating under policy constraints.
Supports OAuth 2.0 Token Exchange (RFC 8693) for policy evaluation at each token exchange.
SDKs for Python, TypeScript, Go integrate with LangChain, Mastra; works with ChatGPT, Claude, Codex, OpenClaw, Pi.
Deploys across Vercel, Cloudflare, AWS, GCP, Azure; identity travels with agent with no static secrets.
Available in early access; documentation at docs.keycard.ai.
“Enterprises are rebuilding business functions around AI agents. Right now the developers building these systems have to choose: give agents broad access and they're ungovernable or lock them down and lose what makes them valuable,” said Ian Livingstone, co-founder and CEO of Keycard. “Agents built using Keycard don't experience this trade-off, as they have their own identity, delegate access per-task and operate with no standing privileges or static credentials.”
“We wanted our engineers deploying agents and tools into production without needing to be security or identity experts. Keycard's platform made that possible. We had agents running against production systems in days,” said Dennis Yang, Principal Product Manager for Generative AI at Chime.
Multi-agent architectures are becoming the standard approach to building AI apps, with specialized agents increasingly being used by general-purpose agents to complete complex tasks. The problem is structural: most teams rely on shared API keys, inherited credentials or persistent access to connect these agents, none of which limit access to what the task actually requires. Traditional approaches to service identity and access control were designed for a world of human operators, not agent-to-agent delegation.
Agents acting on their own behalf across multi-hop workflows, each with scoped identity and delegated access.
Agents acting on behalf of humans or other agents through explicit delegation, preserving the full chain of authority from the originating user to every downstream agent.
Agents impersonating other agents or humans under policy constraints for specific operational workflows, with complete audit transparency.
All three patterns use the same SDK, the same policy engine and the same control plane. As agents delegate work to other agents or call tools, Keycard evaluates policy as part of every token exchange using OAuth 2.0 Token Exchange (RFC 8693), scoping access to the task and narrowing permissions at each hop.
Import identity, instead of building it: SDKs for Python, TypeScript and Go integrate with LangChain, Mastra and more.
Work with any agent: Natively accessible to ChatGPT, Claude, Codex and any agent or tool that speaks MCP, A2A or OAuth 2.1.
Deploy across any platform: Runs on Vercel, Cloudflare, Fly.io, AWS, GCP, Azure and more.
Connect agents to any tool or service: Scoped, session-bound credentials work for APIs, databases and SaaS platforms.
Control what every agent can do: Policies control which agents can access which resources and what they can delegate.
No token management required: Keycard manages the full token lifecycle from issuance to revocation.
Keycard's mission is to unlock the power of AI agents by giving developers and enterprises the foundations they need to build and adopt trusted agentic applications at scale. Its identity and access platform provides real-time, contextual guardrails, enabling the transition from static, human-driven workflows to machine-driven, autonomous, agentic applications. Keycard is a remote-first company and backed by Andreessen Horowitz, boldstart ventures and Acrew Capital.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.