DEV Community

vishalmysore
vishalmysore

Posted on

A2UI Authentication Example

#agents #architecture #java #security

This article explores how authentication and authorization are implemented in A2UI agents, using agents based on a2ajava and tools4ai — DerbyService as a practical example. We'll examine Role-Based Access Control (RBAC), method-level security, and A2UI's security architecture.

Authentication in A2UI Agent

HTTP Authentication Headers

client sends authentication via standard HTTP headers. The example shows Basic Authentication

https://github.com/vishalmysore/SqlAIAgent/blob/main/src/main/java/io/github/vishalmysore/service/DerbyService.java

Demo : https://vishalmysore.github.io/simplea2ui/

authorization: Basic YExampleNotReal=
x-a2a-extensions: https://a2ui.org/a2a-extension/a2ui/v0.8
Enter fullscreen mode Exit fullscreen mode

The x-a2a-extensions header is crucial as it enables A2UI functionality.

Spring Security Integration

DerbyService leverages Spring Security for authentication and authorization :

@PreAuthorize("hasRole('ADMIN')")
@Action(description = "Create database")
public Object createDatabase(String databaseName)

@PreAuthorize("hasRole('USER')")
@Action(description = "Create tables")
public Object createTables(TableData tableData)
Enter fullscreen mode Exit fullscreen mode

RBAC Policy Implementation

Role-Based Method Protection

Different actions require different privileges in service:

Role Protected Methods Description
ADMIN createDatabase Can create new databases
USER createTables, insertDataInTable, retrieveData Can manage tables and data
ANY Public methods Unprotected operations

Security-Aware Method Design

Each method includes basic ( can be extended further) security checks:

if (databaseName == null || databaseName.trim().isEmpty()) {
    if (isUICallback(getCallback())) {
        return createSingleInputForm(/*...*/);
    }
    return "Database name is required.";
}
Enter fullscreen mode Exit fullscreen mode

This pattern ensures:

  • Input validation before processing
  • UI fallbacks for missing data
  • Appropriate responses based on client context

A2UI Security Architecture

Trust Boundaries

A2UI establishes explicit trust boundaries between agents and clients .

Security Layers

A2UI provides multi-layered security :

  • Protocol Level: Structured messages only
  • Schema Validation: JSON schema compliance
  • Component Catalog: Pre-approved components only
  • Rendering Sanitization: Framework-native escaping
  • Browser Security: CSP and HTTPS enforcement

Authentication Mechanisms

Supported Methods

Beyond Basic Auth, A2UI supports multiple authentication approaches :

  1. Bearer Token (JWT/OAuth) 
authorization: Bearer <jwt_token>
Enter fullscreen mode Exit fullscreen mode
  1. API Key Authentication 
x-api-key: api_key_here
Enter fullscreen mode Exit fullscreen mode
  1. mTLS (Mutual TLS)

For enterprise security scenarios

  1. Custom Headers 
x-custom-auth: custom_token_value
Enter fullscreen mode Exit fullscreen mode

Implementation Example

Here's how to implement JWT authentication in middleware :

app.use((req, res, next) => {
    const token = req.headers.authorization?.replace('Bearer ', '');
    if (!validateToken(token)) {
        return res.status(401).send('Unauthorized');
    }

    res.setHeader('X-A2A-Extensions', 'https://a2ui.org/a2a-extension/a2ui/v0.8');
    next();
});
Enter fullscreen mode Exit fullscreen mode

Security Best Practices

Input Validation

Always validate inputs from external agents:

if (tableData == null || tableData.getRowDataList() == null ||
    tableData.getRowDataList().isEmpty()) {
    return handleMissingData();
}
Enter fullscreen mode Exit fullscreen mode

UI Security

  • Never pass credentials through A2UI data models
  • Use secure, out-of-band authentication
  • Implement proper session management

Client-Side Security

Configure Content Security Policy headers :

Content-Security-Policy:
  default-src 'self';
  script-src 'self';
  frame-src 'none';
Enter fullscreen mode Exit fullscreen mode

Advanced Security Patterns

Multi-Agent Security

When using orchestrators with multiple sub-agents :

  • Isolate Sub-Agent UI Surfaces: Use unique surface IDs per agent
  • Validate All AgentCards: Treat sub-agent metadata as untrusted
  • Implement Per-Agent Limits: Resource quotas per agent

Custom Authorization

Extend beyond roles with custom expressions :

@PreAuthorize("@securityService.canAccessDatabase(authentication, #databaseName)")
public Object createDatabase(String databaseName)
Enter fullscreen mode Exit fullscreen mode

Security Checklist

For Agent Developers

  • Validate all inputs before processing
  • Use parameterized queries for database operations
  • Implement proper error handling without exposing internals
  • Use HTTPS in production
  • Treat all external data as untrusted

For Client Developers

  • Configure strict CSP headers
  • Validate A2UI messages against schemas
  • Sanitize all text content
  • Implement rate limiting
  • Monitor for DoS attacks

For Security Administrators

  • Implement least-privilege access
  • Regularly rotate credentials
  • Monitor audit logs
  • Test for injection vulnerabilities
  • Keep dependencies updated

Summary

DerbyService demonstrates a a security pattern that combines Spring Security's RBAC with A2UI's declarative UI model. By following these practices and leveraging A2UI's built-in security features, you can create secure, multi-agent applications that maintain clear trust boundaries while providing rich, interactive user interfaces.

The key is treating all external agents as untrusted entities while providing secure, role-based access to application's functionality through A2UI's declarative component system.

Top comments (0)