How Arcade helps with Agent Authorization
The challenges that Arcade AI solves
Applications that use Large Language Models (LLM) to perform tasks (agentic applications) commonly require access to sensitive data and services. Authentication complexities often hinder AI from performing tasks that require user-specific information, like what emails you recently received or what's coming up on your calendar.
To retrieve this information, agentic applications need to be able to authenticate and authorize access to external services you use like Gmail or Google Calendar.
Authenticating to retrieve information, however, is not the only challenge. Agentic applications also need to authenticate in order to act on your behalf - like sending an email or updating your calendar.
Without auth, AI agents are severely limited in what they can do.
How Arcade AI solves this
Arcade AI provides an authorization system that handles OAuth 2.0, API keys, and user tokens needed by AI agents to access external services through tools. This means your AI agents can now act on behalf of users securely and privately.
With Arcade AI, developer can now create agents that can as as the end user of their application to perform tasks like:
- Creating a new Zoom meeting
- Sending or reading email
- Answering questions about files in Google Drive.
Arcade AI also allows for actions (tools) to be authorized directly. For example, to access a user's Gmail account, you can initiate an authorization flow:
from arcadepy import Arcade
client = Arcade() # Automatically finds the `ARCADE_API_KEY` env variable
# Unique identifier for the end user
user_id = "[email protected]"
# Request access to the user's Gmail account
auth_response = client.tools.authorize(
tool_name="Google.ListEmails",
user_id=user_id,
)
print(f"Please authorize access by visiting: {auth_response.authorization_url}")
Then, wait for the user to complete the authorization process:
# Wait for the authorization to complete
auth_response = client.auth.wait_for_completion(auth_response)
Once authorized, your AI agent can securely access the user's emails:
emails_response = client.tools.execute(
tool_name="Google.ListEmails",
user_id=user_id,
)
print(emails_response)
Tool Authorization
Consider the difference between accessing public information and private user data:
-
Tools that don't require authorization: Some tools, like
Search.SearchGoogle
, allow AI agents to retrieve information from the web without needing user-specific authorization.from arcadepy import Arcade client = Arcade() # Use the Search.SearchGoogle tool to perform a web search search_response = client.tools.execute( tool_name="Search.SearchGoogle", inputs={"query": "Latest AI advancements"}, ) print(search_response)
-
Tools that require authorization: Other tools, like
Google.ListEmails
, require user authorization to access private data such as emails.from arcadepy import Arcade client = Arcade() # Unique identifier for the end user user_id = "[email protected]" # Request access to the user's Gmail account auth_response = client.tools.authorize( user_id=user_id, tool_name="Google.ListEmails", ) print(f"Please authorize access by visiting: {auth_response.authorization_url}") # Wait for the authorization to complete auth_response = client.auth.wait_for_completion(auth_response) # Run the tool emails_response = client.tools.execute( tool_name="Google.ListEmails", user_id=user_id, ) print(emails_response)
Custom Tools with Auth
You can also create custom tools that require authorization for all of the services that Arcade AI supports. The ToolContext
object provides tools tokens at runtime enabling tools to make authenticated requests on behalf of the user. For more details on how to use ToolContext
in your custom tools, refer to the Tool Context guide.