Security

AI Agents Need Permission Slips

Authorization for AI workflows goes beyond traditional RBAC. Learn to implement dynamic permissions and human approval gates.

Heather Downing

Heather Downing

Climbing the technology mountain and halfway up the side. Experience in .Net, mobile applications and more recently voice interface development. Dabbles in iOT & databases. Focusing on coding for humans and choosing the right tool for the job. Heather is a passionate coder and entrepreneur. She has experience working with Fortune 500 companies building enterprise level mobile and .Net applications.

She spends her spare time at tech conferences supporting the growth of new developers of all genders, ages and backgrounds. When not coding, Heather spends her time as a competitive equestrian and learning the art of mounted archery.

1 / 2

MCP servers connect AI agents to enterprise systems, but most examples aren't specific about what they have access to - they just assume you know. This works until your assistant decides to reorganize your file system or email your entire customer database. Turns out giving AI agents broad permissions is like giving a toddler car keys.

This session guides authorization for AI workflows beyond RBAC (Role-Based Access Control). We'll implement dynamic permission scoping, context-aware authorization, and most importantly, human approval gates for dangerous operations. You'll learn to build agentic workflows that are useful enough to deploy but constrained enough to trust with production data.