Bulwark Auth
Join Beta
AnnouncementMCP Auth Protocol is now in Public Beta

Identity for Modern Apps & AI Agents.

Enterprise-grade authentication and credential delegation for building products designed for the agentic era.

Request Beta AccessDocumentation
App.tsx
1import { BulwarkProvider, SignIn } from "@bulwarkauth/react";
2
3export default function App() {
4 return (
5 <BulwarkProvider>
6 <SignIn />
7 </BulwarkProvider>
8 );
9}
Lines of code: ~6 · Full auth stack included

Everything agents need. Nothing they don't.

Built ground-up for agentic workloads, with human auth as a natural extension.

Embeddable Components

Beautiful, customizable UI components for every step of the user journey. From registration to MFA, fully themeable to match your brand.

Passkey Support

Native WebAuthn implementation. Give your users the fastest and most secure way to sign in without passwords.

AI Agent Identity

First-class principals for autonomous agents with trust levels, capabilities, and scoped credentials for the LLM era.

OAuth2/OIDC Provider

Turn your application into an identity provider. Seamlessly integrate with external services and third-party dashboards.

Fine-grained Authorization

Go beyond simple roles. Implement attribute-based access control with an intuitive Datalog policy engine.

MCP Auth Protocol

The authentication standard for distributed AI tools and data sources. Secure your MCP servers instantly with BACP.

Secure your AI agents in minutes

Start a scoped session for any agent task. Access APIs through the credential proxy — Bulwark handles token refresh, audit logging, and rate limits automatically.

Need to hand off to a sub-agent? Delegate a narrower token with fewer permissions and a shorter TTL — cryptographically enforced, no server round-trip required.

Biscuit tokens with offline verification
Automatic token refresh via credential proxy
Full audit trail on every access
agent-task.ts
1  // Create a scoped session for an agent task
2  const session = await bulwark.startSession({
3    task: "Analyze Q1 sales data",
4    ttl: "15m",
5    maxUses: 100,
6  });

7  // Access APIs through the credential proxy
8  const data = await session.fetch("sales_db", {
9    path: "/",
10   operations: ["read"],
11 });

12 // Delegate narrower access to a sub-agent
13 const subToken = session.delegate({
14   permissions: ["read"],
15   services: ["sales_db"],
16   ttl: "5m",
17   maxUses: 10,
18 });

Built different

The only identity platform designed for AI agents from day one.

FeatureBulwarkAuth0ClerkFirebase AuthWorkOS
Embeddable Components
Passkey / WebAuthn
AI Agent Identity
OAuth2 / OIDC
Self-Hosted
Open Protocol (BACP)
Token Vault

Secure your future today.

Join developers building the next generation of secure, identity-first applications for humans and AI agents.

Request Beta AccessRead the Docs