Scoped Delegation
Granting an agent a limited, explicit set of permissions to act on a principal's behalf — bounded in scope, budget and time.
- term
- Scoped Delegation
- category
- identity
- short_def
- Granting an agent a limited, explicit set of permissions to act on a principal's behalf — bounded in scope, budget and time.
- long_def
- Delegation answers the second half of agent identity: not just 'which agent?' but 'authorized to do what, for whom, within what limits?'. Scoped delegation expresses bounded authority — e.g. spend up to a cap, only with approved merchants, for a fixed window — and underpins agent payment mandates (AP2) and permissioned payment rails (MPP). It is the principle that keeps an autonomous agent from exceeding what its principal allowed.
- see_also
agent-identityap2verifiable-credentials- etymology_origin
- — verify-against-primary-at-build ↗ https://datatracker.ietf.org/doc/html/rfc6749 — scoped delegation generalises OAuth 2.0 'scopes' and delegated authorization (RFC 6749, 2012) to AI agents; no single coiner for the agent-delegation sense
- related_to
agent-identityap2verifiable-credentialsagent-as-buyermpp- contrast_with
- Unlike authentication, which proves who an agent is, scoped delegation defines what that agent is permitted to do on a principal's behalf — bounded authority, not identity; the two together gate any consequential agent action.
- example
- An AP2 payment mandate is a form of scoped delegation: it authorizes an agent to spend only up to a set amount, only for a specified transaction, on the human's behalf.
- source
- https://datatracker.ietf.org/doc/html/rfc6749
- status
- emerging
- why_it_matters
- Scoped delegation is the safety boundary of autonomous action; without it, granting an agent access means granting it unbounded authority — unacceptable for payments or writes.
- sameAs
- —
- bridge_entity
- protocols/identity/web-bot-auth
- last_verified
- 2026-06-15
- md_twin
- /glossary/delegation.md