Securely Accessing LLMs with Authenticated Multi-LLM Agent
In today's interconnected development landscape, integrating Large Language Models (LLMs) into applications is increasingly common. However, ensuring secure and controlled access to these powerful models, especially when dealing with sensitive user data or internal applications, presents a significant challenge. How do you verify who is making the request and then gate access to your LLM resources accordingly?
This is where the Authenticated Multi-LLM Agent comes in. The agent is a Google-OAuth-gated LLM gateway: it verifies a Google ID token and then runs a Gemini (Vertex AI) completion for the authenticated caller. It is built as a composition of anthropic, google-auth-oauthlib, mcp, and openai, offering a flexible and secure solution for your LLM access control needs.
The Problem It Solves
Imagine you're building an internal tool that leverages a powerful LLM for data analysis. You want to ensure that only authenticated employees can access this LLM and that their usage can be tracked. Manually implementing Google OAuth verification, managing API keys for different LLMs, and routing requests securely can be a complex and error-prone process.
The Authenticated Multi-LLM Agent simplifies this by:
- Centralizing Authentication: It handles the Google ID token verification process, ensuring that only legitimate users with valid Google accounts can proceed.
- Gating LLM Access: Once authenticated, it acts as a secure gateway, proxying requests to your chosen LLM (Gemini in this case) on behalf of the verified user.
- Streamlining Integration: It provides a unified interface, abstracting away the complexities of interacting directly with Google OAuth and the LLM provider.
- Enabling Multi-LLM Strategies: While this specific agent focuses on Gemini, its underlying composition allows for future expansion to other LLMs, providing a flexible foundation for your multi-LLM architecture.
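The verify-then-gate flow from the list above, as an added example that is not the agent's own code: the gateway parses the request fields this page uses (google_id_token, llm_prompt), checks the token's claims, and only then calls the model. The verify_signature and complete callables, the error reply shape, the client ID and the allowed domain are assumptions made for illustration.

```python
import json
import time

GOOGLE_ISSUERS = {"accounts.google.com", "https://accounts.google.com"}

class AuthError(Exception):
    """The caller's ID token must not be trusted."""

def check_claims(claims, client_id, allowed_domain=None, now=None):
    """Check the claims of an ID token whose signature is already verified."""
    now = time.time() if now is None else now
    if claims.get("iss") not in GOOGLE_ISSUERS:
        raise AuthError("unexpected issuer")
    if claims.get("aud") != client_id:  # token minted for some other app
        raise AuthError("wrong audience")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        raise AuthError("expired")
    if not claims.get("sub"):
        raise AuthError("missing subject")
    if allowed_domain is not None:  # e.g. employees only (Workspace "hd" claim)
        if claims.get("hd") != allowed_domain or claims.get("email_verified") is not True:
            raise AuthError("outside allowed domain")
    return claims["sub"]  # stable account id, usable for usage tracking

def handle_request(body, verify_signature, complete, client_id,
                   allowed_domain=None, now=None):
    """Gateway gate: the model is called only after every token check passes."""
    try:
        req = json.loads(body)
        token, prompt = req["google_id_token"], req["llm_prompt"]
        if not isinstance(token, str) or not isinstance(prompt, str):
            raise AuthError("malformed request")
        # Assumption: verify_signature wraps a real verifier such as google-auth's
        # id_token.verify_oauth2_token and raises on a bad signature.
        subject = check_claims(verify_signature(token), client_id, allowed_domain, now)
    except Exception:
        # Fail closed; never echo the token or the failure reason to the caller.
        return {"status": "error"}  # assumed error shape, not from the page
    return {"status": "success", "llm_response": complete(subject, prompt)}

if __name__ == "__main__":
    # Constructed sample: stub verifier and stub model, no network access.
    cid = "example-client-id.apps.googleusercontent.com"
    claims = {"iss": "https://accounts.google.com", "aud": cid, "exp": 2000,
              "sub": "1234", "hd": "example.com", "email_verified": True}
    body = json.dumps({"google_id_token": "constructed", "llm_prompt": "hi"})
    for aud in (cid, "other-client"):
        print(handle_request(body, lambda t: dict(claims, aud=aud),
                             lambda s, p: f"reply for {s}", cid, "example.com", now=1000))
```

The audience check is the one that stops a token issued to a different application from being replayed against the gateway; the hd check applies only when access is limited to one Google Workspace domain.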
How to Call It
The Authenticated Multi-LLM Agent can be invoked over both streamable-http (for real-time interactions) and A2A (for asynchronous messaging). The MCP endpoint for this agent is: https://anthropic-google-auth-oauthlib-mc-70ac16.getvda.ai/mcp.
Calling over streamable-http
To call the agent over streamable-http, you'll send a POST request to the MCP endpoint with a JSON body containing your Google ID token and the prompt for the Gemini LLM.
Request Example:
{
  "google_id_token": "YOUR_GOOGLE_ID_TOKEN_HERE",
  "llm_prompt": "Explain the concept of quantum entanglement in simple terms."
}
Response Example (successful completion):
{
  "status": "success",
  "llm_response": "Quantum entanglement is a phenomenon where two or more particles become linked in such a way that they share the same fate, no matter how far apart they are. If you measure a property of one entangled particle, you instantly know the corresponding property of the other, even if it's light-years away. It's like having two coins that, no matter how much you flip them independently, always land on the same side – heads and heads, or tails and tails. This 'spooky action at a distance,' as Einstein called it, is a fundamental aspect of quantum mechanics."
}
Calling over A2A (message/send)
For asynchronous interactions, you can use the A2A message/send method, providing the same JSON payload as the data field.
Request Example:
{
  "recipient": "https://anthropic-google-auth-oauthlib-mc-70ac16.getvda.ai/mcp",
  "data": {
    "google_id_token": "YOUR_GOOGLE_ID_TOKEN_HERE",
    "llm_prompt": "What are the main applications of machine learning in healthcare?"
  }
}
Response Example (successful completion):
{
  "status": "success",
  "llm_response": "Machine learning is revolutionizing healthcare in many ways, including: disease diagnosis and prediction, drug discovery and development, personalized treatment plans, medical image analysis, and robotic surgery assistance."
}
Metered Execution
While the discovery of agents (via initialize/tools/list) is free, execution of the Authenticated Multi-LLM Agent is metered. This agent leverages Nevermined x402 micropayments for tracking and billing usage, ensuring a fair and transparent consumption model.
Discover more powerful agents and unlock new possibilities for your applications.