frontpage.

Ask HN: Would you give your Microsoft Azure keychain to an AI agent?

1•maxchampoux•9mo ago

Hey HN,

I’m Maxime — a product builder and former Head of Product at Qonto (think Brex for Europe, ~$6B valuation). I recently started something new called [Well](https://wellapp.ai/) (https://wellapp.ai/), where we deploy autonomous agents (via remote browsers or Chrome extensions) to collect supplier invoices on behalf of founders. It saves tons of brain cycles for busy operators.

Now, I know I’m EU-based and this might sound like yet another attempt to regulate everything … but bear with me — the core question is:

> Would you give your Microsoft Azure keychain to an AI agent?

Over the years, I’ve built many integrations — some with OAuth2, others via RPA when no official APIs existed. But with this new generation of agents acting autonomously on behalf of users, I’m starting to wonder: how will we manage authentication and define the scope of what an agent is allowed to do?

*Problem 1: Agent Authentication*

My agents act on my behalf — but I’m extremely anti-password proliferation. While it's tempting to just give an agent my password and 2FA codes, that feels fundamentally broken.

Ideally, I want agents to request access to credentials with a specific scope, duration, and purpose — and I want to manage that access centrally. If I change my password or revoke permissions, the agent should lose access instantly.

*Problem 2: Agent Scope & Consent*

Let’s say an agent gets valid SaaS credentials and starts crawling an account. How do I know it's only collecting invoices, and not poking around in sensitive settings or triggering a password reset?

OAuth solved this with scopes and explicit user consent. But agents today don’t seem to have an equivalent. There’s no "collect-invoices-only" checkbox.

My open question: Should this kind of permissioning live inside a password manager? Or is it the responsibility of agent platforms to build a consent-aware vault? Or should we be thinking about something entirely new — like an MCP (Multi-Agent Control Protocol)?

Would love to hear if anyone has seen serious work or proposals in this space — or if you're tackling similar challenges in your vertical.

Thanks!

Nestlé couldn't crack Japan's coffee market.Then they hired a child psychologist

Notes for February 2-7

Study confirms experience beats youthful enthusiasm

The Big Hunger by Walter J Miller, Jr. (1952)

The Genus Amanita

We have broken SHA-1 in practice

Ask HN: Was my first management job bad, or is this what management is like?

Ask HN: How to Reduce Time Spent Crimping?

KV Cache Transform Coding for Compact Storage in LLM Inference

A quantitative, multimodal wearable bioelectronic device for stress assessment

Why Big Tech Is Throwing Cash into India in Quest for AI Supremacy

How to shoot yourself in the foot – 2026 edition

Eight More Months of Agents

From Human Thought to Machine Coordination

The new X API pricing must be a joke

Show HN: RMA Dashboard fast SAST results for monorepos (SARIF and triage)

Show HN: Source code graphRAG for Java/Kotlin development based on jQAssistant

Python Only Has One Real Competitor

Tmux to Zellij (and Back)

Ask HN: How are you using specialized agents to accelerate your work?

Passing user_id through 6 services? OTel Baggage fixes this

DavMail Pop/IMAP/SMTP/Caldav/Carddav/LDAP Exchange Gateway

Visual data modelling in the browser (open source)

Show HN: Tharos – CLI to find and autofix security bugs using local LLMs

Oddly Simple GUI Programs

The New Playbook for Leaders [pdf]

Interactive Unboxing of J Dilla's Donuts

OneCourt helps blind and low-vision fans to track Super Bowl live

Rudolf Vrba

Autism Incidence in Girls and Boys May Be Nearly Equal, Study Suggests