Cred: Open-Source OAuth Credential Delegation for Secure AI Agent Authentication
By
Kieran Sweeney
1mo ago· 1 min readenProduct
38/100
Stale
Bagelometer↗
Sat out too long. The crust has gone leathery.
Score38Typepress releaseSentimentpositive
Summary
Cred is an open-source credential delegation middleware for AI agents that addresses security vulnerabilities in OAuth token storage. It provides encrypted credential management where users consent once, then Cred encrypts refresh tokens with AES-256-GCM and never returns them. AI agents receive short-lived tokens on demand, with every delegation producing cryptographic audit receipts. The project also includes CredX for simpler encrypted credential storage, is self-hosted under Apache 2.0 license, and has zero cloud dependency.
Key quotes
· 4 pulledAI agents need OAuth tokens for user accounts, but most frameworks store them in plaintext config files.
Cred encrypts the refresh token (AES-256-GCM) and never returns it. Agents get short-lived tokens on demand.
Every delegation produces a cryptographic audit receipt.
Self-hosted. Apache 2.0. Zero cloud dependency.
AI agents need OAuth tokens for user accounts, but most frameworks store them in plaintext config files. Cred is open-source credential delegation middleware. The user consents once. Cred encrypts the refresh token (AES-256-GCM) and never returns it. Agen
