Skip to main content

4 posts tagged with "authentication"

View All Tags

A unified framework for browser and API authentication

· 5 min read
Emma Burrows
Co-founder and CTO

The core of the Portia authorization framework is the ability for an agent to pause itself to solicit a user's authorization for an action it wants to perform. With delegated OAuth, we do this by creating an OAuth link that the user clicks on to grant Portia a token that can be used for the API requests made by the agent. We generally like API based agents for reliability reasons – they're fast, predictable and the rise of MCP means integration is getting easier.

However, there are some actions which are not easily accessible by API (my supermarket doesn't have a delegated OAuth flow surprisingly!), and so, there is huge power in being able to switch seamlessly between browser based and API based tasks. The question was, how to do this consistently and securely with our authorization framework.

Seamless human agent interactions with just-in-time authorization

· 5 min read
Emma Burrows
Co-founder and CTO
Mounir Mouawad
Co-founder and CEO

In part 1 of this series, we established why there is a need for a Just-In-Time (JIT) authorization system, whereby an agent has the ability to authorize itself only at the point where it is very likely that they will 1/ need that authorization and 2/ that they are clear what they will use it for. In this section, we’ll look at how we have done this at Portia AI.

Why authentication is a challenge for AI agents

· 5 min read
Emma Burrows
Co-founder and CTO
Mounir Mouawad
Co-founder and CEO

AI Agents are a rapidly evolving technology in the AI space. The introduction of LLMs and the ability for LLMs to interact with other software autonomously has paved the way for a new wave of technological innovation. This is an exciting development but it needs appropriate guardrails to ensure that an agent is really enacting your wishes and not sending rogue emails on your behalf to your entire address book. This is the first of a 2-part series that discusses some of the challenges of appropriately authenticating and authorizing agents so they can safely fulfill requests.

What's next for Browser Agents? 🤔

· 5 min read
Emma Burrows
Co-founder and CTO
Mounir Mouawad
Co-founder and CEO
TLDR

I've been tinkering with browser automation recently (e.g., building a bot to search and buy on Amazon), and Operator’s release got me thinking about the future of these tools. Here are 3 key challenges browser agents face today:
1️⃣   Moving from text-only to multi-modal AI models.
2️⃣   Solving authentication without blending in with bad bots.
3️⃣   Enabling human-in-the-loop collaboration that's seamless and smart.

In this post we unpack these challenges, share insights, and explore what’s next for browser agents. Would you trust browser agents with your day-to-day tasks? Let me know your thoughts! 👇