Multi-Agent Delegation
Let agents securely delegate scoped permissions to other agents
In multi-agent systems, a coordinator agent often needs to hand off work to specialized workers. But how do you give a worker agent access without over-permissioning it?
Hawcx supports scoped delegation: a coordinator can grant a worker a subset of its own permissions, with its own constraints, and a cryptographic chain proving who authorized what.
Delegate Permissions to a Worker
```javascript
import { HawcxAgent } from "@hawcx/agent-sdk";

// Coordinator has broad permissions
const coordinator = new HawcxAgent({
  agentInstanceId: "coordinator-01",
  configId: process.env.HAWCX_CONFIG_ID,
});
await coordinator.ensureAuthenticated();

// Delegate a narrow subset to a worker
const workerToken = await coordinator.delegateScopes({
  targetAgentInstanceId: "inventory-checker-01",
  tool: "a2a:inventory_read",
  constraints: { max_records: 100, time_bound: 120 },
});
```

The worker can now read inventory with the specified constraints, and nothing else. It can't access other tools, exceed the record limit, or delegate further (if the delegation depth reaches 0).
How It Works
- Coordinator authenticates and has an active session with pre-minted tokens
- It calls `delegateScopes()`, specifying the target agent, tool, and constraints
- The token service mints a delegation token with the delegation depth decremented by 1
- The worker uses this token for the specific tool invocation within constraints
- The audit trail shows the full chain: `coordinator -> worker -> action`
Rules
- Can only delegate what policy permits. Your access policy engine governs delegation, not the agent.
- Depth decreases by 1 at each hop. When `delegation_depth` reaches 0, no further delegation is possible.
- Independent constraints. Delegation tokens have their own time limits, call limits, and other constraints.
- Full traceability. Every action traces back through the delegation chain to the originating agent and the human who registered it.
- Single-use. Delegated tokens are still single-use and encrypted. Same security properties as direct tokens.
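
The rules above can be exercised with a small in-memory model. This is an added example, not Hawcx code or the SDK's API: the policy table, the token fields, the function names and the `audit-helper-01` agent are assumptions made for illustration, and `time_bound` is carried on the token but not enforced here.

```javascript
// Added model of the delegation rules; NOT the Hawcx token service or SDK.
// The policy table, token fields and function names are assumptions.
const policy = { // delegator -> "target|tool" pairs the policy engine permits
  "coordinator-01": new Set(["inventory-checker-01|a2a:inventory_read"]),
  "inventory-checker-01": new Set(["audit-helper-01|a2a:inventory_read"]),
};
const spent = new Set(); // ids of tokens already redeemed
let nextId = 1;

// A session or token is { holder, delegation_depth, chain, ... }.
function mintDelegation(parent, target, tool, constraints) {
  const allowed = policy[parent.holder];
  if (!allowed || !allowed.has(`${target}|${tool}`)) {
    throw new Error("policy does not permit this delegation");
  }
  if (parent.delegation_depth <= 0) {
    throw new Error("delegation depth exhausted");
  }
  return {
    id: nextId++,
    holder: target,
    tool,
    constraints: { ...constraints }, // the token's own limits
    delegation_depth: parent.delegation_depth - 1, // one less per hop
    chain: [...parent.chain, target], // who authorized whom
  };
}

// Redeem a token for one tool call; returns the audit-trail line.
function redeem(token, tool, recordCount) {
  if (spent.has(token.id)) throw new Error("token already used");
  if (tool !== token.tool) throw new Error("tool not covered by token");
  if (recordCount > token.constraints.max_records) {
    throw new Error("record limit exceeded");
  }
  spent.add(token.id); // single-use: a second redeem of this id fails
  return [...token.chain, tool].join(" -> ");
}

// Constructed sample: the coordinator session may delegate one hop.
const session = { holder: "coordinator-01", delegation_depth: 1,
                  chain: ["coordinator-01"] };
function demo() {
  const worker = mintDelegation(session, "inventory-checker-01",
    "a2a:inventory_read", { max_records: 100, time_bound: 120 });
  return { worker, trail: redeem(worker, "a2a:inventory_read", 50) };
}
```

In this model the policy would allow the worker to delegate to `audit-helper-01`, yet the attempt still fails because the worker's token was minted at depth 0.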