🛡️ Aegis-Agent: Stateless AI Identity & Secure GitHub Auth

Inspiration

Current AI agents rely on "forever keys"—long-lived API tokens stored in databases. If that database is breached, every user's identity is compromised. We wanted to build a stateless agent where the backend has zero memory of your credentials.

We asked: What if an AI could act on your behalf without ever knowing who you are?

What It Does

Aegis-Agent is a secure GitHub AI assistant that performs real repository management tasks without ever storing a persistent token. Using a federated identity handshake, it negotiates short-lived, scoped access on every request.

Users can list repositories, manage issues, and view stats through a natural language interface, knowing their credentials are discarded immediately.

How We Built It

  • Backend: Python + FastAPI for stateless token exchange.
  • AI Engine: Gemini 1.5 Flash for high-speed natural language intent parsing.
  • Identity Layer: Auth0 Token Vault implementing the full RFC 8693 OAuth 2.0 Token Exchange protocol.
  • Security: Strict permission boundaries and volatile memory storage.

The Technical Flow

  1. User Logs In: Auth0 issues a session token.
  2. Exchange: Agent requests a GitHub-scoped token via the Token Vault.
  3. Action: The Agent performs the task and the token is purged from memory.

Challenges We Ran Into

Implementing RFC 8693 correctly was the hardest part—specifically passing the Auth0 access_token as a subject_token to get a GitHub-scoped token. We also had to ensure the AI couldn't exceed its authorized scope during natural language commands, which we solved with backend action whitelisting.
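The exchange, whitelist and purge steps described above, as an added example in Python that is not Aegis-Agent's own code: the Token Vault and GitHub transports are injected callables, `demo_vault` is a constructed stand-in for the vault, and the scope names and audience URL are assumptions.

```python
"""Added example, not Aegis-Agent's own code: the RFC 8693 request behind the
exchange step, the backend whitelist that bounds a parsed intent, and the
exchange-act-purge sequence. Transports are injected callables; demo_vault is a
constructed stand-in for the Token Vault, and the scope names are hypothetical."""
from typing import Callable
TOKEN_EXCHANGE_GRANT = "urn:ietf:params:oauth:grant-type:token-exchange"
ACCESS_TOKEN_TYPE = "urn:ietf:params:oauth:token-type:access_token"

# Whitelist: parsed intent -> (GitHub method, path template, scope it needs).
# Anything the language model proposes that is not listed here is refused.
ALLOWED_ACTIONS = {
    "list_repos":   ("GET",  "/user/repos",          "gh:repo:read"),
    "list_issues":  ("GET",  "/repos/{repo}/issues", "gh:repo:read"),
    "create_issue": ("POST", "/repos/{repo}/issues", "gh:repo:write"),
}

def build_exchange_request(auth0_access_token: str, scope: str) -> dict:
    """RFC 8693 sec. 2.1: the Auth0 session token travels as subject_token;
    the audience (assumed here) names GitHub's API as the target."""
    return {"grant_type": TOKEN_EXCHANGE_GRANT,
            "subject_token": auth0_access_token,
            "subject_token_type": ACCESS_TOKEN_TYPE,
            "requested_token_type": ACCESS_TOKEN_TYPE,
            "audience": "https://api.github.com",
            "scope": scope}

def run_action(intent: str, params: dict, auth0_access_token: str,
               exchange: Callable[[dict], dict],
               github: Callable[[str, str, str], dict]) -> dict:
    """Exchange, act, purge: the GitHub token exists only inside this frame."""
    if intent not in ALLOWED_ACTIONS:
        raise PermissionError(f"intent {intent!r} is not whitelisted")
    method, path_tmpl, scope = ALLOWED_ACTIONS[intent]
    resp = exchange(build_exchange_request(auth0_access_token, scope))
    if resp.get("issued_token_type") != ACCESS_TOKEN_TYPE:
        raise RuntimeError("vault returned an unexpected issued_token_type")
    # RFC 8693 sec. 2.2.1: granted scope may be narrower than requested.
    if scope not in resp.get("scope", "").split():
        raise PermissionError(f"vault did not grant {scope}")
    gh_token = resp["access_token"]
    try:
        return github(method, path_tmpl.format(**params), gh_token)
    finally:
        del gh_token  # never stored; dropped as soon as the action returns

def demo_vault(body: dict) -> dict:
    """Constructed stand-in: issues a 60s read-only token, never a write one."""
    assert body["grant_type"] == TOKEN_EXCHANGE_GRANT
    return {"access_token": "ephemeral-gh-token", "expires_in": 60,
            "issued_token_type": ACCESS_TOKEN_TYPE, "scope": "gh:repo:read"}
```

Because the check is made against the scope the vault actually granted, a write intent is refused even when the model asks for it and the vault only hands back a read token.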

Accomplishments We're Proud Of

  • Performed "write" actions on GitHub with zero tokens stored in our database.
  • Implemented a full RFC 8693 token exchange flow in Python.
  • Built a working zero-trust model for an autonomous AI agent.

What We Learned

Stateless Identity is a requirement for the next generation of AI. We learned how federated identity protocols work in practice and how to ground AI intent in strict authorization scopes.

What's Next

  • Multi-provider support: Extend Token Vault to Slack and Jira.
  • Step-up auth: For all destructive actions like deleting a repo.
  • Fine-grained authorization: Using Auth0 FGA per user role.

Blog Post: The Quest for Stateless Identity

When we started this project, we had one goal: to solve the "Forever Key" problem. Most AI agents today are built on a dangerous foundation: they store long-lived API tokens in a database. If that database is breached, every user's digital identity is compromised. We wanted to build something different. We wanted to build Aegis-Agent.

The Technical Hurdle: Real-Time Trust

The biggest challenge was moving away from persistent storage. We wanted a system where the backend has zero memory of your credentials. Achieving this meant deep-diving into the RFC 8693 (Token Exchange) protocol. The hurdle wasn't just understanding the theory; it was implementing a real-time "handshake" that could transform a standard Auth0 session into a short-lived, scoped GitHub token in milliseconds.

We spent hours debugging the flow, making sure the session token was securely passed as a subject token and that the resulting actor token was restricted to only the specific actions the AI needed to perform.

Why Token Vault Changed the Game

The Auth0 Token Vault was the missing piece of our puzzle. It enabled a "Zero-Trust" architecture. Instead of our server acting as a middleman that "holds" your keys, it became a stateless executor. We learned that the most secure database is the one that doesn't exist.

The Result

The moment of victory was seeing our AI agent create a GitHub issue using a token that existed only in the server's volatile memory. Once the task was done, the token vanished. Building Aegis-Agent taught us that security in the age of AI isn't just about encryption—it's about ephemeral identity. We’ve built more than a tool; we’ve built a blueprint for a safer, stateless future for AI agency.
