Authentication and Authorization

[asheeshgarg]

For long running agents or new workflow created using the ui builder. Any guidance to manage the authentication and authorization for the resources agent going to use and how the entitlement are captured for the user process.

[ekzhu]

For process-based authorization, checkout distributed runtime which allows you to run each agent in a separate process. Right now, the authentication part should be application code.

https://microsoft.github.io/autogen/dev/user-guide/core-user-guide/framework/distributed-agent-runtime.html

[rysweet]

just agreeing here that this is very specific to your application/tenancy model etc. To authenticate the communication between agents and the runtime, use certificates. In .NET this is on by default, in python it requires some lifting to configure. If running the agents and runtime in containers you Ould also use TLS between the containers.