Every AI agent that does something useful - opening a PR, posting in Slack, updating a ticket - needs to call an API on behalf of a user. That means OAuth. Authorization flows, token storage, refresh logic, per-user credential isolation.

Today, most teams solve this with a long-lived API key in an .env file, shared across every user and every session. As everyone in an organization becomes a software engineer - whether they know it or not - you can't expect each of them to roll their own OAuth. Secure credential handling needs to be baked into the infrastructure.

The core issue: agents are a new kind of principal. They're not users. They're not service accounts. They act with delegated authority on someone else's behalf. Existing identity systems have no model for this.

Kontext does.

Kontext validates the user and the agent, and returns a credential that lets agents act on behalf of their user - scoped, short-lived, and revocable. No secrets in your codebase, and action is traced back to the human who approved it.

We are thrilled to be launching our SDK, let us know what you think!