Tag: agentic commerce security

  • AP2 Token Revocation: Securely Remove Agent Payment Credentials

    An AI agent just completed its last authorized procurement run for a vendor you terminated this morning. The contract is closed. The relationship is over. But the agent’s payment credential is still live. It remains scoped to your payment rail. It can still initiate a six-figure purchase order.

  • AP2 vs. OAuth 2.0: Agent Authorization for B2B Commerce

    AP2 vs. OAuth 2.0: Agent Authorization for B2B Commerce

    Your AI procurement agent just submitted a $240,000 fabric order at 2:47 AM. No human approved it. No one re-authenticated. The OAuth 2.0 bearer token it used has been alive for six hours. It crossed four autonomous transaction cycles. That token offers zero proof that the agent holding it is the ag