Drift - Agent Identity & Authorization Platform

Drift gives AI agents verified identity via Auth0 M2M, scoped credentials via Token Vault, CIBA human approval, and a tamper-proof audit trail. The trust layer the agent economy needs.

Comment

PROJECT STORY

What is Drift?

Drift is an open infrastructure platform that gives every AI agent a verified identity, scoped permissions, human approval gates, and a tamper-proof audit trail, all powered by Auth0.

Live demo: https://drift-demo-v2.vercel.app
API: https://drift-demo-three.vercel.app/health
GitHub: https://github.com/obooks29/drift

The Problem

As enterprises deploy AI agents at scale, agents that book flights, charge corporate cards, send emails, and make decisions autonomously, there is no standard way to:

  • Verify which agent is making a request
  • Enforce what it's allowed to do
  • Get human approval before consequential actions
  • Audit what it actually did

Every company is solving this differently and badly. API keys are hardcoded. Agents have over-broad access. No audit trail exists.

The Solution: Four Primitives Built on Auth0

Drift Primitive Auth0 Feature What It Solves
AgentID M2M Application Verified cryptographic identity per agent
ScopeGraph Token Vault Minimum-viable permission enforcement
ConsentChain CIBA Human-in-the-loop for high-stakes actions
ActionLedger Log Streams + WebSocket Tamper-evident audit trail, real-time

Apex - a Groq-powered meta-agent, orchestrates all four, watches every registered agent, detects anomalies, and can suspend any agent instantly.

Token Vault - The Architectural Foundation

Token Vault is not peripheral to Drift. It is the foundation of the entire credential model.

When a developer registers an agent at https://drift-demo-v2.vercel.app:

  1. Each scope grant maps to a distinct Token Vault key
  2. Agent calls drift.agents.getTokenForAction() - Token Vault returns a scoped, short-lived token
  3. The agent never stores credentials. Zero tokens in code.
  4. Revoking one scope removes only that key; others unaffected

This design eliminated an entire credential exposure surface from the Drift codebase and saved approximately 3–4 days of engineering time.

Auth0 CIBA - Human Approval for High-Stakes Actions

For actions marked stepUpRequired (e.g. card:charge):

  1. Agent tries to execute card:charge
  2. Drift detects step-up requirement via ScopeGraph
  3. Auth0 CIBA sends async push notification to delegating user
  4. User sees binding code on both screen and phone, confirms intent
  5. Approve or reject - decision returned to agent
  6. Recorded in ConsentChain - HMAC-signed, tamper-evident

The Live Demo

Try it at: https://drift-demo-v2.vercel.app

A travel booking agent books flights, selects hotels, and charges a corporate card, with full Drift authorization enforced at every step:

  1. Register - Auth0 M2M provisioned, AgentID issued, Token Vault configured
  2. Search flights - flights:book checked, Token Vault supplies credential
  3. Search hotels - same pattern, action logged in real-time ActionLedger
  4. Charge card - card:charge triggers Auth0 CIBA, binding code displayed
  5. Approve/Reject - human decision recorded in ConsentChain
  6. 14 ActionLedger entries - every action authorized, scoped, and logged

Tech Stack

Next.js 14, Fastify, Prisma, Neon PostgreSQL, Auth0 (Token Vault + M2M + CIBA + Management API), Groq + Llama 3, TypeScript SDK, Vercel, Turborepo

GitHub

https://github.com/obooks29/drift

Bonus Blog Post

Building the Authorization Layer for the AI Agent Economy

## Bonus Blog Post

The web solved human identity with OAuth 2.0. Auth0 turned that complexity into a single line of code and was sold for $6.5 billion. We're entering a new era where AI agents act autonomously on users' behalf, and they have an identity crisis.

When I built Drift (https://drift-demo-v2.vercel.app), the hardest problem wasn't the UI or the API. It was credentials. Every agent needed to call third-party services, flights APIs, hotel APIs, payment processors. The naive solution is environment variables. But environment variables are shared, unscoped, and impossible to revoke per-agent.

Token Vault changed everything.

When you register an agent with Drift, each scope grant maps to a distinct Token Vault key. flights:book and card:charge are stored separately. The agent calls drift.agents.getTokenForAction() - Drift retrieves the scoped credential from Token Vault and returns a short-lived token. The agent never sees the raw credential. The developer never stores tokens in code.

This single architectural decision, scope-as-key, eliminated an entire class of credential exposure risk. It also made revocation surgical: remove card:charge from an agent without touching any other permission. Token Vault saved approximately 3–4 days of engineering time and replaced an entire security review surface with a single API call.

The second hard problem was consent. How do you get human approval for a $500 charge that an agent decides to make at 2am? Auth0 CIBA answered this. Drift wraps CIBA in the ConsentChain, every approval is HMAC-signed and chained to the previous record, creating tamper-evident infrastructure that compliance teams will eventually require for all agentic AI deployments.

You can see the full system live at https://drift-demo-v2.vercel.app. Register a travel booking agent, watch Token Vault supply credentials silently, trigger the CIBA step-up for a card charge, and see every action logged in the ActionLedger in real time.

The agent economy is coming. The identity infrastructure needs to be ready. Drift is built to be that layer, on top of Auth0, not bolted alongside it.

GitHub: https://github.com/obooks29/drift
Live: https://drift-demo-v2.vercel.app

Built With

  • auth0-ciba
  • auth0-m2m
  • auth0-management-api
  • auth0-token-vault
  • fastify
  • groq
  • llama-3
  • next.js
  • postgresql
  • prisma
  • supabase
  • tailwind-css
  • turborepo
  • typescript
Share this project:

Updates