[GH-ISSUE #350] Model authentication (with OAuth instead of api keys) #251

Open
opened 2026-06-05 17:21:16 -04:00 by yindo · 3 comments
Owner

Originally created by @obinopaul on GitHub (Mar 23, 2026).
Original GitHub issue: https://github.com/langchain-ai/deepagentsjs/issues/350

Originally assigned to: @hntrl on GitHub.

Dear Langchain commuunity,

I am amazed at how awesome this framework is. I am curious to know when the auth configuration for both Langchain OpenAI and other models will be implemented, as we only have one way to use models (via api keys) which has strong cost limits, especially for coding tasks.

Please let me know if this has already been implemented. I couldnt find any resource on it today.

Originally created by @obinopaul on GitHub (Mar 23, 2026). Original GitHub issue: https://github.com/langchain-ai/deepagentsjs/issues/350 Originally assigned to: @hntrl on GitHub. Dear Langchain commuunity, I am amazed at how awesome this framework is. I am curious to know when the auth configuration for both Langchain OpenAI and other models will be implemented, as we only have one way to use models (via api keys) which has strong cost limits, especially for coding tasks. Please let me know if this has already been implemented. I couldnt find any resource on it today.
yindo added the needs-response label 2026-06-05 17:21:16 -04:00
Author
Owner

@christian-bromann commented on GitHub (Mar 25, 2026):

Thanks for filing the issue @obinopaul , I will take it to the team and will discuss.

<!-- gh-comment-id:4123600273 --> @christian-bromann commented on GitHub (Mar 25, 2026): Thanks for filing the issue @obinopaul , I will take it to the team and will discuss.
Author
Owner

@Marsssssssssssdsss commented on GitHub (Jun 2, 2026):

Hi @obinopaul, I've been thinking about this same problem — API keys don't scale for agent authentication because they're permanent, unbounded, and live where the agent can read them.

One approach I've seen work is to treat the agent as a transient identity principal: the user authenticates once via OAuth, and the agent generates short-lived, per-platform tokens on demand instead of holding raw keys. The platform verifies these tokens against the user's identity rather than trusting a static key.

Curious if you've considered a similar direction — separating the user's long-lived credentials from the agent's session-level tokens.

<!-- gh-comment-id:4600367416 --> @Marsssssssssssdsss commented on GitHub (Jun 2, 2026): Hi @obinopaul, I've been thinking about this same problem — API keys don't scale for agent authentication because they're permanent, unbounded, and live where the agent can read them. One approach I've seen work is to treat the agent as a transient identity principal: the user authenticates once via OAuth, and the agent generates short-lived, per-platform tokens on demand instead of holding raw keys. The platform verifies these tokens against the user's identity rather than trusting a static key. Curious if you've considered a similar direction — separating the user's long-lived credentials from the agent's session-level tokens.
Author
Owner

@hntrl commented on GitHub (Jun 2, 2026):

Hey @obinopaul & @Marsssssssssssdsss, sorry for the delay in response. Could you elaborate on what you mean with respect to oauth? Do you mean using things like a codex/claude subscription within the deepagents sdk?

<!-- gh-comment-id:4605586165 --> @hntrl commented on GitHub (Jun 2, 2026): Hey @obinopaul & @Marsssssssssssdsss, sorry for the delay in response. Could you elaborate on what you mean with respect to oauth? Do you mean using things like a codex/claude subscription within the deepagents sdk?
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: langchain-ai/deepagentsjs#251