Agent Authentication & Identity for AI brand directory

Auth0 by Okta is a cloud-native Customer Identity and Access Management (CIAM) platform delivering authentication, authorization, and user management as a service for web, mobile, API, and AI agent applications. Core product capabilities include Universal Login, SSO, adaptive MFA, passwordless flows, Fine-Grained Authorization (FGA), Token Vault for secure API credential management for agents, Async Authorization with human-in-the-loop approvals, SCIM provisioning, and the Auth0 for AI Agents suite enabling secure agentic application development across LangChain, LlamaIndex, Vercel AI SDK, Cloudflare Agents, and Firebase Genkit.

WorkOS is an enterprise identity and authentication API platform for B2B SaaS and AI-native applications. Its core products—AuthKit, Enterprise SSO, Directory Sync, Admin Portal, Audit Logs, RBAC, Fine-Grained Authorization, Radar, Vault, MCP Auth, and Pipes—enable developers to ship enterprise-ready features with minimal code. WorkOS is particularly prominent in the AI vertical, powering authentication for OpenAI, Cursor, Perplexity, and Anthropic, and has launched MCP Auth to provide OAuth 2.1 authorization for AI agent (MCP server) workflows, directly addressing the emerging need for secure agent-to-resource authentication.

Nango is a code-first, open-source integration platform that lets developers connect their products and AI agents to 700+ external APIs. It abstracts API authentication, credential management, data syncing, webhook handling, and agent tool calling into a unified infrastructure layer, allowing engineering teams to write TypeScript integration functions locally (or generate them with AI), deploy to Nango's production runtime, and manage everything through a CLI and dashboard.

Stytch is an API-first identity platform providing authentication, authorization, and fraud prevention for human users and AI agents. Its core products span passwordless auth methods (magic links, OTPs, passkeys, WebAuthn), enterprise SSO and SCIM, RBAC, native multi-tenancy, device fingerprinting, and bot detection. The Connected Apps product extends Stytch to serve as an OAuth 2.1 identity provider for AI agents and MCP-based integrations, enabling scoped, auditable, user-consented agent access with instant revocation. Stytch is now a subsidiary of Twilio following its November 2025 acquisition.

Composio is an agent-native integration platform that provides AI agents with authenticated, production-ready access to 1,000+ third-party applications through managed OAuth, sandboxed execution, intent-driven tool resolution, and continuously learning tool accuracy—enabling developers to go from chatbot to full general-purpose agent in five lines of code.

Merge is a developer infrastructure platform that provides unified API access to 220+ third-party integrations, a managed agentic tooling layer (Merge Agent Handler) for AI agents to securely authenticate and take actions across enterprise tools, and an LLM gateway (Merge Gateway) for intelligent model routing. It targets B2B SaaS companies and AI product teams who need to ship integrations fast without building or maintaining individual connectors.

Arcade.dev is an MCP runtime platform that enables AI agents to securely take real-world actions on behalf of users across enterprise and consumer applications. It provides authenticated tool-calling infrastructure—handling per-user OAuth flows, token management, and credential security—so that agents built on any LLM framework can interact with systems like Gmail, Slack, Salesforce, GitHub, and 40+ others without service-account risk or bespoke integration work. The platform includes a curated catalog of agent-optimized MCP tools, an open-source SDK for building custom tools, MCP Gateways for team-level governance, and enterprise controls (RBAC, audit logs, flexible deployment) that satisfy security and compliance requirements.

Descope is a drag-and-drop external IAM platform that unifies customer identity, B2B authentication, and agentic identity into a single no-code/low-code system. Its visual Flows builder enables teams to build, iterate, and migrate authentication journeys—including passwordless login, SSO, MFA, and identity federation—without touching application code. In 2025, Descope extended the platform with an Agentic Identity Hub and Agentic Identity Control Plane to secure AI agents and MCP servers with standards-based OAuth 2.1 authorization, scoped consent management, dynamic client registration, and policy-based lifecycle governance.

Astrix Security is a purpose-built platform for AI agent and non-human identity (NHI) security. It provides automated discovery, governance, behavioral threat detection, and secure deployment capabilities for all machine identities—including API keys, OAuth tokens, service accounts, AI agents, and MCP servers—across enterprise cloud, SaaS, and IaaS environments. Its Agent Control Plane (ACP) allows organizations to provision agents with short-lived credentials and precisely scoped access from day one.

Better Auth is an open-source TypeScript authentication framework that lives inside the developer's own codebase and database. It offers a composable, plugin-based system with 50+ auth methods and features—from basic email/password and social login to enterprise SSO/SCIM and AI agent authentication via MCP and the Agent Auth Protocol—competing with managed services like Auth0 and Clerk by offering full data ownership, no MAU-based pricing, and deep flexibility across 20+ JavaScript framework environments.

Keycard is an agent-native identity and access management platform that issues cryptographically verified, task-scoped credentials to AI agents at runtime. It resolves composite identity (user + device + agent + task), enforces declarative policy at every tool call, and streams a tamper-resistant audit trail to existing SIEMs — enabling organizations to deploy autonomous agents in production without sacrificing security or compliance.

Oasis Security's NHI Security Cloud is an enterprise SaaS platform that provides full lifecycle governance for non-human identities and AI agents. It auto-discovers all NHIs across IaaS, SaaS, PaaS, and on-prem environments, assigns ownership using ML heuristics, assesses and prioritizes security posture risks, enforces least-privilege policies, automates credential rotation, and detects behavioral anomalies in real time via Oasis Scout. Its Agentic Access Management (AAM) capability extends governance to AI agents with intent-based, just-in-time access controls, granting only the permissions needed to complete each specific task—covering ephemeral permissions, vaulting, and federation in a single policy layer.

Operant AI's 3D Runtime Defense Platform delivers real-time discovery, detection, and active defense for the full AI and cloud application stack. Core modules include the AI Gatekeeper (LLM/GenAI threat protection with inline PII redaction), Agent Protector (runtime security for agentic AI ecosystems), MCP Gateway (enterprise-grade security for Model Context Protocol deployments), and API Threat Protection (east-west and external API coverage without VPC mirroring). The platform deploys in minutes via a single Helm chart with zero code instrumentation, maps live application blueprints, enforces NHI access controls, and actively blocks prompt injection, data exfiltration, model theft, zero-day vulnerabilities, and OWASP Top 10 API attacks. The open-source Woodpecker tool provides AI red teaming capabilities.