Home
How Arcade helps

How Arcade helps with Agent Authorization

The challenges that Arcade AI solves

Applications that use Large Language Models (LLM) to perform tasks (agentic applications) commonly require access to sensitive data and services. Authentication complexities often hinder AI from performing tasks that require user-specific information, like what emails you recently received or what's coming up on your calendar.

To retrieve this information, agentic applications need to be able to authenticate and authorize access to external services you use like Gmail or Google Calendar.

Authenticating to retrieve information, however, is not the only challenge. Agentic applications also need to authenticate in order to act on your behalf - like sending an email or updating your calendar.

Without auth, AI agents are severely limited in what they can do.

How Arcade AI solves this

Arcade AI provides an authorization system that handles OAuth 2.0, API keys, and user tokens needed by AI agents to access external services through tools. This means your AI agents can now act on behalf of users securely and privately.

With Arcade AI, developer can now create agents that can as as the end user of their application to perform tasks like:

  • Creating a new Zoom meeting
  • Sending or reading email
  • Answering questions about files in Google Drive.

Arcade AI also allows for actions (tools) to be authorized directly. For example, to access a user's Gmail account, you can initiate an authorization flow:

from arcadepy import Arcade
 
client = Arcade()  # Automatically finds the `ARCADE_API_KEY` env variable
 
# Unique identifier for the end user
user_id = "[email protected]"
 
# Request access to the user's Gmail account
auth_response = client.tools.authorize(
    tool_name="Google.ListEmails",
    user_id=user_id,
)
 
print(f"Please authorize access by visiting: {auth_response.authorization_url}")

Then, wait for the user to complete the authorization process:

# Wait for the authorization to complete
auth_response = client.auth.wait_for_completion(auth_response)

Once authorized, your AI agent can securely access the user's emails:

emails_response = client.tools.execute(
    tool_name="Google.ListEmails",
    user_id=user_id,
)
print(emails_response)

Tool Authorization

Consider the difference between accessing public information and private user data:

  • Tools that don't require authorization: Some tools, like Search.SearchGoogle, allow AI agents to retrieve information from the web without needing user-specific authorization.

    from arcadepy import Arcade
     
    client = Arcade()
     
    # Use the Search.SearchGoogle tool to perform a web search
    search_response = client.tools.execute(
        tool_name="Search.SearchGoogle",
        inputs={"query": "Latest AI advancements"},
    )
    print(search_response)
  • Tools that require authorization: Other tools, like Google.ListEmails, require user authorization to access private data such as emails.

    from arcadepy import Arcade
     
    client = Arcade()
     
    # Unique identifier for the end user
    user_id = "[email protected]"
     
    # Request access to the user's Gmail account
    auth_response = client.tools.authorize(
        user_id=user_id,
        tool_name="Google.ListEmails",
    )
     
    print(f"Please authorize access by visiting: {auth_response.authorization_url}")
     
    # Wait for the authorization to complete
    auth_response = client.auth.wait_for_completion(auth_response)
     
    # Run the tool
    emails_response = client.tools.execute(
        tool_name="Google.ListEmails",
        user_id=user_id,
    )
    print(emails_response)

Custom Tools with Auth

You can also create custom tools that require authorization for all of the services that Arcade AI supports. The ToolContext object provides tools tokens at runtime enabling tools to make authenticated requests on behalf of the user. For more details on how to use ToolContext in your custom tools, refer to the Tool Context guide.