Vanguard

"Okta for Machines" — The control plane that makes sovereign AI agents actually safe for production and enterprise use.

Comment

🛡️ Vanguard — The Secure Execution Gateway for AI Agents "The Okta for Machines" — A secure, intent-aware control plane that makes autonomous AI agents safe for enterprise and production use.

Built for the Authorized to Act Hackathon (Auth0 for AI Agents), Vanguard leverages Auth0 Token Vault to eliminate raw secret exposure and enforce identity-centric authorization for agentic workflows.

⚡ The Problem As Agentic AI scales (projected $100B+ market by 2030), a massive security gap has emerged:

  • Confused Deputy Problem: Agents given raw tokens can be "tricked" via prompt injection into - performing malicious actions (deleting data, leaking secrets).
  • Secret Sprawl: Storing API keys in local agent environments is a compliance nightmare.
  • Lack of Human-in-the-loop: Complex agent workflows often lack a standardized way to request manual approval for high-risk operations.

🛡️ Our Solution: The Vanguard Gateway Vanguard sits between your local or sovereign AI (like OpenClaw) and the digital world. It doesn't just pass tokens; it understands intent.

Core Architecture:

  • Intent Interception: Every agent request is intercepted by Vanguard.
  • Supervisor LLM: A dedicated security LLM (Ollama/Llama 3.2) analyzes the intent against the requested action.
  • Auth0 Token Vault: The ONLY place where real API secrets live. Vanguard exchanges a Vault Token for a JIT, scoped access token ONLY after approval.
  • Step-Up MFA: High-risk actions trigger an Auth0 MFA prompt (FaceID/Push) to the user's phone before execution.
  • Immutable Audit: A cryptographically signed ledger of every intent, risk score, and execution result.

🛠️ Technical Stack

  • Frontend: Next.js 15 (App Router), Tailwind CSS (Premium Glassmorphism), Framer Motion.
  • Backend: FastAPI (Python 3.12), SQLAlchemy (Async), PostgreSQL/SQLite.
  • AI/Security: Ollama (Sovereign LLM), Vanguard Intent-Scanner (Regex + LLM).
  • Identity: Auth0 (OIDC, Actions, Token Vault, MFA).

Important Why Vanguard Wins: It addresses the #1 blocker for enterprise AI adoption — Security. By making Auth0 the "Identity of the Agent," we've built a system where agents can be autonomous without being dangerous.

April 2026

Built With

  • auth0
  • fastapi
  • oidc
  • ollama
  • tailwind
Share this project:

Updates