Agentic Power of Attorney (APOA) – An open standard for AI agent auth

Name: Agentic Power of Attorney (APOA) – An open standard for AI agent auth
Availability: InStock
Author: juanfiguera

by juanfiguera·Feb 26, 2026·1 point·0 comments

Visit Project View on HN

AI Analysis

●●●BangerBig BrainZero to One

Formal auth framework for agentic delegation; fills a gap before agents negotiate house deals.

Strengths

•Zero-capability delegation (ZCAP-LD) is genuinely novel in agent context—audit trail + revocation solves real liability
•Builds on proven foundations (OAuth 2.1, JWT) instead of inventing crypto—pragmatic standards work
•Real motivating incident (agent sent email to wrong recipient) shows this solves today's problem, not theoretical one

Weaknesses

•Working draft with no reference implementations shown—unclear if integrations with major services exist yet
•Adoption friction: requires service providers to implement; early-stage without buy-in from Anthropic, OpenAI, or platforms

Post Description

"Buy me a house. Budget $475K. Good school district. Handle it." That's where AI agents are headed. One already bought someone a car last month, negotiating $4,200 off across dealerships via email. Its entire authorization framework was a prompt: "ask me before doing anything consequential." It also sent a confidential email to the wrong person.

APOA is the missing infrastructure: an open standard for formally delegating bounded authority to AI agents. Scoped permissions, audit trails, instant revocation, credential isolation. Builds on OAuth 2.1, JWT, ZCAP-LD.

Working draft, Apache 2.0. Looking for feedback from anyone building agent infrastructure or working on auth standards. Please poke holes at it!