HN Reader

I built a pixel art editor after playing Octopath Traveler II

82 points by Kobayashiii 2d ago 32 comments

Ask ChatGPT for "Assistant Response Preferences" to see what it learnt about you

5 points by shthed 2h ago 2 comments

Ask HN: Who wants to be hired? (May 2025)

124 points by whoishiring 2d ago 308 comments

Ask HN: What are you working on? (April 2025)

406 points by david927 6d ago 1197 comments

Ask HN: Who is hiring? (May 2025)

249 points by whoishiring 2d ago 319 comments

We cut CI emissions by up to 90% – by choosing where code runs

8 points by drydenwilliams 4h ago 2 comments

Ask HN: Best underrated way to get a job in tech during a hiring slowdown?

8 points by tolarewaju3 17h ago 24 comments

Tell HN: Incorporated my software company today

19 points by namanyayg 1d ago 4 comments

Ask HN: What Problem Would You Solve with Unlimited Resources? [May 2025]

6 points by hedayet 14h ago 31 comments

Ask HN: How do I get over my fear of launching my product?

6 points by little_ent 15h ago 10 comments

Building MapReduce (Based on Google Paper)

5 points by venkat1017x 17h ago 0 comments

The engineering interview process is broken, AI cheating is exposing it faster

5 points by ssistilli 18h ago 3 comments

Ask HN: AI tools to help you learn faster (GitHub, books, PDFs)

15 points by ilmoi 1d ago 2 comments

LeetCode for Front End Engineers

6 points by CGamble26 2d ago 7 comments

Ask HN: Memory-safe low level languages?

55 points by hyperbrainer 7d ago 112 comments

Ask HN: Blocked by Cloudflare Infinite verify your human loop

4 points by ksec 11h ago 8 comments

VPNSecure deactivated all lifetime subscribers

15 points by vmrocha 2d ago 9 comments

Ask HN: Why has there been a recent surge in criticism toward Next.js?

3 points by grandimam 17h ago 4 comments

Ask HN: When do tariffs get levied? Who specifically charges them and how?

5 points by givemeethekeys 1d ago 3 comments

Ask HN: Can't launch my Android app – Google couldn't verify your identity

6 points by Naomarik 1d ago 0 comments

Feedback on Tool I Created?

4 points by kevinisherenow 1d ago 8 comments

Ask HN: CS degrees, do they matter again?

86 points by platevoltage 6d ago 235 comments

Ask HN: What's a good system to remember to wear my reading glasses at my desk?

6 points by dottjt 2d ago 26 comments

Ask HN: Sold my company, parents passed away – feeling lost. What now?

19 points by throwaway84321 7d ago 18 comments

Payment processors shouldn't be able to charge through an expired card

17 points by Lopsii 4d ago 19 comments

Ask HN: Are there any apps to track grocery prices in local stores?

23 points by cantrobot 4d ago 16 comments

A affordable retrocomputer compatible with the C64

9 points by kappetrov 3d ago 17 comments

Is the Job Market Improving?

5 points by rizs12 1d ago 7 comments

Ask HN: Parents of young kids: how do you teach that hitting is not acceptable?

7 points by recursiverogue 3d ago 24 comments

Ask HN: Can vibe coding competitions be challenging and fair?

15 points by amichail 6d ago 11 comments

Ask HN: What are your favourite daily puzzle games?

12 points by cookie_monsta 5d ago 15 comments

What are the AI MCP servers wish you existed?

5 points by nsiradze 2d ago 4 comments

Ask HS: Career Advice for Someone Struggling

11 points by aireo 3d ago 21 comments

Ask HN: What Is the Hacker News for Medicine?

7 points by reinaldnaufal 5d ago 7 comments

Ask HN: Would you give your Microsoft Azure keychain to an AI agent?

1 maxchampoux 0 5/4/2025, 6:56:55 AM
Hey HN,

I’m Maxime — a product builder and former Head of Product at Qonto (think Brex for Europe, ~$6B valuation). I recently started something new called [Well](https://wellapp.ai/) (https://wellapp.ai/), where we deploy autonomous agents (via remote browsers or Chrome extensions) to collect supplier invoices on behalf of founders. It saves tons of brain cycles for busy operators.

Now, I know I’m EU-based and this might sound like yet another attempt to regulate everything … but bear with me — the core question is:

> Would you give your Microsoft Azure keychain to an AI agent?

Over the years, I’ve built many integrations — some with OAuth2, others via RPA when no official APIs existed. But with this new generation of agents acting autonomously on behalf of users, I’m starting to wonder: how will we manage authentication and define the scope of what an agent is allowed to do?

*Problem 1: Agent Authentication*

My agents act on my behalf — but I’m extremely anti-password proliferation. While it's tempting to just give an agent my password and 2FA codes, that feels fundamentally broken.

Ideally, I want agents to request access to credentials with a specific scope, duration, and purpose — and I want to manage that access centrally. If I change my password or revoke permissions, the agent should lose access instantly.

*Problem 2: Agent Scope & Consent*

Let’s say an agent gets valid SaaS credentials and starts crawling an account. How do I know it's only collecting invoices, and not poking around in sensitive settings or triggering a password reset?

OAuth solved this with scopes and explicit user consent. But agents today don’t seem to have an equivalent. There’s no "collect-invoices-only" checkbox.

My open question: Should this kind of permissioning live inside a password manager? Or is it the responsibility of agent platforms to build a consent-aware vault? Or should we be thinking about something entirely new — like an MCP (Multi-Agent Control Protocol)?

Would love to hear if anyone has seen serious work or proposals in this space — or if you're tackling similar challenges in your vertical.

Thanks!

Comments (0)

No comments yet