Session
Delay the AI Overlords: How OAuth and OpenFGA Can Keep Your AI Agents from Going Rogue
What happens when your AI agents bypass controls, abuse tool permissions, or hallucinate sensitive data from RAG pipelines? The path to an “AI Overlord” starts with one unguarded API call.
In this talk, you’ll learn how to weaponize OAuth2, OpenFGA, and battle-tested authorization strategies to keep AI agents in check. We’ll cover:
✅ Role-Based Shackles: Enforce least privilege for AI toolchains using RBAC and Fine-Grained Authorization (FGA).
✅ Credential-Free Tool Calls: Fortify API integrations with OAuth2 token exchange, letting agents act on behalf of users without ever touching raw credentials.
✅ RAG Jailbreaking Fixes: Embed FGA directly into retrieval workflows to prevent agents from leaking confidential data
✅ Human Guardrails: Leverage asynchronous authorization workflows to audit high-stakes actions.
Forget sci-fi doomsday scenarios—we’re tackling today’s threats. Walk away with knowledge to armor your AI agents against rogue behavior and security nightmares.

Deepu K Sasidharan
JHipster co-lead, Java Champion & Staff Developer Advocate @ Okta
Utrecht, The Netherlands
Links
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top