Skip to main content

Fiche #2: OAuth 2.0 + Token Exchange (RFC 8693)

STOA leverages OAuth 2.0 with RFC 8693 Token Exchange to let AI agents and users securely access multi-tenant APIs without sharing credentials across trust boundaries.

5 Key Points​

1. Keycloak as Federated Identity Broker​

STOA uses Keycloak with one realm per tenant. Each realm isolates users, roles, and clients. Keycloak federates with existing enterprise IdPs (Oracle OAM, Okta, Azure AD) via OIDC β€” no user migration required.

β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚        Keycloak (STOA)              β”‚
β”‚  β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”  β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”      β”‚
β”‚  β”‚ realm-acmeβ”‚  β”‚realm-globexβ”‚     β”‚
β”‚  β””β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”˜  β””β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”˜     β”‚
β”‚        β”‚               β”‚           β”‚
β”‚   Federation      Federation       β”‚
β”‚        β”‚               β”‚           β”‚
β”‚  β”Œβ”€β”€β”€β”€β”€β–Όβ”€β”€β”€β”€β”€β”  β”Œβ”€β”€β”€β”€β”€β–Όβ”€β”€β”€β”€β”€β”     β”‚
β”‚  β”‚ Oracle OAMβ”‚  β”‚  Azure AD β”‚     β”‚
β”‚  β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜  β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜     β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

2. Token Exchange (RFC 8693) Bridges Trust Domains​

When an AI agent authenticated via Keycloak needs to call a backend behind a different gateway (e.g., webMethods), STOA performs a standards-compliant token exchange. The agent's JWT is swapped for a downstream-compatible token β€” no credential sharing.

3. Scoped Access with RBAC Claims​

Every JWT issued by STOA contains tenant-specific claims and scopes (stoa:read, stoa:write, stoa:admin). The MCP Gateway and OPA policies enforce fine-grained access per tool, per user, per tenant β€” no over-privileged tokens.

ScopeAllowed Actions
stoa:readList tools, read resources
stoa:writeInvoke tools, create subscriptions
stoa:adminManage tenants, configure policies

4. Short-Lived Tokens, No Stored Credentials​

Access tokens are short-lived (default: 1 hour). Refresh tokens handle re-authentication. No long-lived credentials flow between cloud and on-premises β€” only federated, short-lived JWTs cross the boundary.

5. Standard Flows for Every Use Case​

FlowUse Case
Client CredentialsMachine-to-machine (AI agents, CI/CD)
Authorization Code + PKCEWeb apps, Developer Portal
Token Exchange (RFC 8693)Cross-gateway, cross-realm delegation

Objections & Answers​

ObjectionAnswer
"We already have OAuth β€” why another IdP?"Keycloak federates with your existing IdP. No migration, no duplication. It adds multi-tenant isolation on top.
"Token Exchange adds latency"Exchange happens once per session, not per request. Downstream tokens are cached. Typical overhead: minimal (depends on network and infrastructure).
"Our security team won't accept cloud-based auth"Full on-premises deployment is supported. Keycloak runs in your cluster.
"RFC 8693 is niche β€” will it be supported long-term?"RFC 8693 is an IETF standard supported by Keycloak, Auth0, and Azure AD. It's the standard way to delegate tokens across trust boundaries.

Further Reading​