top | item 47052501

Show HN: Vestauth – Auth for Agents

11 points| scottmotte | 13 days ago |github.com

I"m the creator of dotenv and dotenvx. A month ago I started building a way for agents to store and rotate secrets as part of dotenvx and I ran into a problem. Agents can't sign themselves up autonomously. They need a way to do this - without a human in the loop.

I searched for solutions but wasn't happy with any so I created Vestauth.

Here's how it works:

It manages both the agent and the provider side. The agent with one command can set up a cryptographic identity avoiding human designed handshake mechanisms like OAuth. And on the provider side there is no management of API keys, no username and passwords, no users table even. Authentication works with a single line of code verifying this cryptographically.

1 comment

cjbz|13 days ago

This is a very cool approach - I'm going to look at this for a few different projects I'm working on. Allowing agents to identify themselves without API keys is an operational dream come true