Skip to main content
IIOS — The platform for organizational reasoning
Operate

Identity & Access

One identity model spans people, services, and agents. Authentication federates to your IdP; authorization is enforced centrally with role- and attribute-based rules, and delegated tokens can only ever narrow scope.

ForSecurity & IAM teamsPlatform teamsIT organizations

Principals & tokens

IIOS treats every actor as a principal with a short-lived, scoped token. Users authenticate through your identity provider; services use workload identity; agents receive delegated tokens derived from — and bounded by — the principal that invoked them.

Authentication → policy → resource
User / serviceprincipalIdentity providerOIDC / SAMLPolicy enginescopes + rolesGraph APIread/assertAgent runtimescoped token
A single exchange path for humans, services, and agents.

Federated authentication

Authentication is delegated to your existing IdP over OIDC or SAML, so IIOS never becomes a parallel credential store. Group and attribute claims flow through to the policy engine.

MethodProtocolBest for
SSOOIDC / SAML 2.0Employees and internal apps
Workload identityOIDC federation / mTLSService-to-service calls
Delegated agent tokenToken exchange (RFC 8693)Autonomous & assisted agents

Authorization

Access combines role-based assignments with attribute-based constraints (plant, asset, classification). The policy engine evaluates both on every request — there is no path to a resource that bypasses it.

identity.ts
// Every principal — human, service, or agent — gets a scoped token.
// An agent token can never exceed the scope of the principal that created it.

const token = await iios.identity.exchange({
  subject: session.userId,          // the acting principal
  audience: 'graph.read',           // what it may call
  scopes: ['plant:north', 'asset:pump-*'],  // ABAC constraints
  ttlSeconds: 300,                  // short-lived by default
})

// Delegated to an agent — scope can only narrow, never widen:
const agentToken = await iios.identity.delegate(token, {
  audience: 'agent.invoke',
  scopes: ['asset:pump-*'],         // subset of the parent scopes
})
Scope can only narrow
Delegation is monotonic: a delegated token's scopes must be a subset of its parent. This is what makes agent autonomy safe — an agent can never escalate beyond its human.

Access patterns

Short-lived by default

Tokens expire in minutes and are re-minted on demand, shrinking the blast radius of any leak.

Claims from your IdP

Roles and attributes originate in your directory, so access reviews stay in the tools your security team already audits.

Bounded agent identity

Agents act under delegated, narrowed tokens — never a shared service account.

Everything attributable

Each token carries the originating principal, so every action in the audit ledger traces back to a real identity.