Sigil issues short-lived credentials to autonomous agents, lets them delegate across boundaries, attests their integrity, and revokes them in real time. Built on OAuth 2.1, WIMSE/SPIFFE, and RFC 8693 delegation — so it fits your existing identity stack, not the other way around.
Four primitives. The whole identity surface area for an agent fleet.
Issue OAuth 2.1 tokens scoped to a specific task, with a TTL measured in minutes. No long-lived API keys leaking through logs, no stale credentials persisting after an agent crashes.
One agent hands a scoped credential to another via RFC 8693 token exchange. Audit-trail-preserving, scope-narrowing, and revocable end-to-end. Agent A asks Agent B to do something — Agent B's credential records that.
Verify what's actually behind the credential — agent identity, code hash, host attributes. WIMSE/SPIFFE workload identities give you a chain-of-custody you can verify on the receiving side, not just trust.
Kill a credential the instant something looks wrong. Revocation is push-based — downstream services find out within seconds, not at the next token refresh. Critical when an agent goes off the rails.
Sigil isn't a parallel universe. It speaks the same protocols your existing IdP, secrets manager, and audit pipeline already understand.
OAuth 2.1: the current consolidation of OAuth 2.0 — PKCE everywhere, no implicit flow, no password grant. Short-lived bearer tokens with refresh.
WIMSE (Workload Identity in Multi-System Environments): SPIFFE-style IDs for non-human callers, so the credential names what's running, not just who started it.
RFC 8693 token exchange: the IETF-blessed way to delegate scope downward from one principal to another while preserving the chain.
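What "scope-narrowing, audit-trail-preserving, revocable end-to-end" delegation looks like mechanically, as an added illustration that is not Sigil's code or API: tokens are plain dicts standing in for signed JWTs, the actor is assumed to be identified by its SPIFFE ID, the `parent_jti` claim and the in-memory revocation set are constructed for the example, and the nested `act` claim follows RFC 8693 section 4.1.

```python
from __future__ import annotations
import itertools, time

# Identifiers defined by RFC 8693 (the exchange grant type and the JWT token type).
GRANT_TOKEN_EXCHANGE = "urn:ietf:params:oauth:grant-type:token-exchange"
TOKEN_TYPE_JWT = "urn:ietf:params:oauth:token-type:jwt"

REVOKED_JTI: set = set()          # constructed stand-in for a push-based revocation feed
_jti = itertools.count(1)

def issue(sub: str, scope: str, ttl_s: int = 300, now: float = None) -> dict:
    """Mint a short-lived, task-scoped token (a plain dict standing in for a signed JWT)."""
    now = time.time() if now is None else now
    return {"sub": sub, "scope": scope, "iat": now, "exp": now + ttl_s, "jti": f"jti-{next(_jti)}"}

def is_valid(tok: dict, now: float = None) -> bool:
    now = time.time() if now is None else now
    return tok["exp"] > now and tok["jti"] not in REVOKED_JTI

def exchange(subject_token: dict, actor: str, requested_scope: str,
             ttl_s: int = 300, now: float = None) -> dict:
    """RFC 8693-style delegation: `actor` (assumed to be its SPIFFE ID) obtains a token to act
    for the subject. Scope may only narrow, expiry may only shorten, and the actor chain is
    recorded in the nested `act` claim (newest actor outermost, as in RFC 8693 section 4.1)."""
    now = time.time() if now is None else now
    if not is_valid(subject_token, now):
        raise PermissionError("subject token expired or revoked")
    have, want = set(subject_token["scope"].split()), set(requested_scope.split())
    if not want <= have:
        raise PermissionError(f"scope escalation refused: {sorted(want - have)}")
    new = issue(subject_token["sub"], " ".join(sorted(want)), ttl_s, now)
    new["exp"] = min(new["exp"], subject_token["exp"])   # never outlive the upstream token
    new["act"] = {"sub": actor, **({"act": subject_token["act"]} if "act" in subject_token else {})}
    new["parent_jti"] = subject_token["jti"]             # assumed claim: links the audit trail upstream
    return new

def revoke_cascade(jti: str, issued: list) -> set:
    """Revoke one token and everything delegated from it. `issued` is a constructed registry of
    every minted token; a real deployment would consult the issuer's store and push the result."""
    dead = {jti}
    while True:
        more = {t["jti"] for t in issued if t.get("parent_jti") in dead and t["jti"] not in dead}
        if not more:
            break
        dead |= more
    REVOKED_JTI.update(dead)
    return dead
```

Revoking the root token takes every delegated descendant with it, which is the property a receiving service relies on when an upstream agent is cut off.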
Federate with your existing identity provider (Okta, Auth0, Entra). Human-bound credentials still flow through Sigil for agent-side delegation and revocation.
Give agents their own credentials: short-lived, scoped, revocable.