To address the challenge of simultaneously ensuring security, accountability, and cross-modal access control in AI assistant permission management, this paper proposes a trustworthy authorization and auditable delegation framework for AI agents. Methodologically, it introduces the first agent-centric identity authentication architecture that integrates natural-language permission translation with extended OAuth 2.0 and OpenID Connect protocols, establishing agent-specific credential issuance and a semantic parsing model to enable end-to-end traceable mapping from human intent to machine-executable policies. It further incorporates an auditable access control engine supporting fine-grained, compliance-aware permission enforcement. The key contribution is the first automated translation of natural-language policies into standardized, enforceable access control rules—significantly enhancing AI agent controllability, interpretability, and accountability. The framework has been validated across multiple Web service prototypes, demonstrating plug-and-play secure integration.

The rapid deployment of autonomous AI agents creates urgent challenges around authorization, accountability, and access control in digital spaces. New standards are needed to know whom AI agents act on behalf of and guide their use appropriately, protecting online spaces while unlocking the value of task delegation to autonomous agents. We introduce a novel framework for authenticated, authorized, and auditable delegation of authority to AI agents, where human users can securely delegate and restrict the permissions and scope of agents while maintaining clear chains of accountability. This framework builds on existing identification and access management protocols, extending OAuth 2.0 and OpenID Connect with agent-specific credentials and metadata, maintaining compatibility with established authentication and web infrastructure. Further, we propose a framework for translating flexible, natural language permissions into auditable access control configurations, enabling robust scoping of AI agent capabilities across diverse interaction modalities. Taken together, this practical approach facilitates immediate deployment of AI agents while addressing key security and accountability concerns, working toward ensuring agentic AI systems perform only appropriate actions and providing a tool for digital service providers to enable AI agent interactions without risking harm from scalable interaction.