AuthSecureAgent

AI Agent secured by Auth0 authentication and Authorization

Comment

Inspiration

Interested particularly in Google Cloud/AI technologies, the project showcases the integration of Google Cloud and LLM with Auth0 secured AI Agent

What it does

The AuthSecureAgent application benefits of easy End Users Authentication and Services Authorization Access based on Auth0 Token Vault. The end user can authenticate either thru login/password classic form either thru his/her Google ID user experience

How we built it

In addition to Auth0 authentication/authorization/token vault features, The Application includes following custom components

  • Frontend developed in React

  • Backend developed with FastAPI

  • Langgraph to facilitate the integration of LLM and tools in the Agent

Following Special choices have been made :

  • introduction of Google LLM rather then OpenAI LLM

  • Configuration of the Application in dedicated Auth0 Tenant with

    • Token Vault Grant Type
    • Google Oauth2 ID Provider Connection on Auth0 associated to Google Cloud IAM/ID settings

  • Containerization of components to benefit of portability, efficiency, agility and facilitate development/start&stop of the application locally but also useful to prepare remote deployment.

Challenges we ran into

  • langgraph module containerization/visibility requiring to find appropriate Dockerfile

  • integration of mcp tools in addition to function tools has been launched but mcp associated issues could not be solved in due time

Accomplishments that we're proud of

  • End to End Working Custom Agent Secured with Auth0 in Database Login/Password mode and Google ID Provider mode

Auth0 Secure Agent Docker Containerization + Google Cloud Run Services Demo

What we learned

  • Auth0 Tenant Provisionning, Configuration, Technologies, Features

  • Langgraph integration of Google LLM and Tools

What's next for AuthSecureAgent

  • more integration with mcp tools

  • Auth0 FGA (Fine Grained AUthorization) will be scheduled later on after better understanding of the principles/integration

Bonus Blog Post

  • The AuthSecureAgent project is composed of several various modules (frontend tool, backend service, langgraph api), each one having its own specific build / start / stop process. On Personal Desktop, it is necessary to avoid bad edge effect on other local application, hence it is important to adopt containerization to get agile, efficient and portable modules with easy deployment either locally either remotely using docker and docker-compose for local orchestration. It has been necessary to organize better the Python Backend code into common/FastAPIBackend/LanggraphAPIBackend to facilitate maintenance, Agility for deployment and Performance (Lowest Image Memory Footprint)

  • The Agent module can benefit of Auth0 Token Vault to manage easily access/refresh tokens necessary to interact with external APIs / Tools (either Functional either MCP as soon as possible) on end user behalf and consent, offering better protection of his/her unwanted data leverage by other party.

  • In addition to Google Id Provider Connection configured in the Auth0 Tenant, The AuthSecureAgent Agentic Module has been integrated with Google Gemini/Vertex AI LLM, to get homogeneous Cloud Provider and also to use existing Google Cloud Account.

  • The Application (following docker containerization for each main component) has been deployed as Google Cloud Run services to benefit serverless remote hosting. Auth Session Token could not be used on remote components due to CORS (cross origin), hence background token retrieval has been implemented to get appropriate token to be used to interact with remote service

Auth0 Secure Agent Explanation

Auth0 Secure Agent Docker Containerization + Google Cloud Run Services Demo

Built With

Share this project:

Updates