frontpage.

Ask HN: Would you give your Microsoft Azure keychain to an AI agent?

1•maxchampoux•4h ago

Hey HN,

I’m Maxime — a product builder and former Head of Product at Qonto (think Brex for Europe, ~$6B valuation). I recently started something new called [Well](https://wellapp.ai/) (https://wellapp.ai/), where we deploy autonomous agents (via remote browsers or Chrome extensions) to collect supplier invoices on behalf of founders. It saves tons of brain cycles for busy operators.

Now, I know I’m EU-based and this might sound like yet another attempt to regulate everything … but bear with me — the core question is:

> Would you give your Microsoft Azure keychain to an AI agent?

Over the years, I’ve built many integrations — some with OAuth2, others via RPA when no official APIs existed. But with this new generation of agents acting autonomously on behalf of users, I’m starting to wonder: how will we manage authentication and define the scope of what an agent is allowed to do?

*Problem 1: Agent Authentication*

My agents act on my behalf — but I’m extremely anti-password proliferation. While it's tempting to just give an agent my password and 2FA codes, that feels fundamentally broken.

Ideally, I want agents to request access to credentials with a specific scope, duration, and purpose — and I want to manage that access centrally. If I change my password or revoke permissions, the agent should lose access instantly.

*Problem 2: Agent Scope & Consent*

Let’s say an agent gets valid SaaS credentials and starts crawling an account. How do I know it's only collecting invoices, and not poking around in sensitive settings or triggering a password reset?

OAuth solved this with scopes and explicit user consent. But agents today don’t seem to have an equivalent. There’s no "collect-invoices-only" checkbox.

My open question: Should this kind of permissioning live inside a password manager? Or is it the responsibility of agent platforms to build a consent-aware vault? Or should we be thinking about something entirely new — like an MCP (Multi-Agent Control Protocol)?

Would love to hear if anyone has seen serious work or proposals in this space — or if you're tackling similar challenges in your vertical.

Thanks!

Did Peking U. Just Make the Fastest Transistor – Without Using Silicon?

RFC 5081: Using OpenPGP Keys for Transport Layer Security (TLS) Authentication

Astronomers spot a gold mine in cosmic flares

Is modern asceticism about conformity or quiet revolution?

Huawei's Shenzhen facilities reveal new push into advanced chipmaking

Antarctica gains ice for first time in decades, reversing trend of mass loss

French police investigate spate of cryptocurrency millionaire kidnappings

What is storm-watching and where should you try it?

The Truth About Your Smile (2015)

I wrote supreme Pascal-compiler in 1970s. No memories at all

Why everybody's drinking milk again

QGIS is the mapping software you didn't know you needed (2023)

Space explosions scientists can't explain

I built Silk – to help myself (and others) decode emotional manipulation

My Brain Finally Broke

Catastrophic fires and soil degradation: possible link with Neolithic revolution

Japanese Innovations That Shape Our Daily Lives

Show HN: Go from Idea to Revenue in Just Days

Show HN: Journelly for iOS: like tweeting but for your eyes only (in plain text)

Show HN: I made a travel app that suggests activities based on your preferences

Show HN: Transform Your Photos into Cyberpunk Art

The great conclave secret: What do would-be popes eat?

Show HN: A Hacker News-like web system written in Go, works without JavaScript

New Go Garbage Collector

Show HN: Discover Europe for Under £100 – Flight and Stay Included

Helpful way to analyse your chess games

Makeyo MK01: 3D printed PC case

Show HN: Science-backed men's health tracker to boost energy, mood and hormones

We cut CI emissions by up to 90% – by choosing where code runs

Printf in 1ns [video]