Martin Besozzi AI Security Architect · IAM Architect · CTO · Founder

Archives

All the articles I've archived.

2026 ⁸

May ²

Agent Intent Authorization: Plan-Before-Execute Security for AI Agents

Agent Intent Authorization introduces a plan-before-execute security model for AI agents — the full execution scope is cryptographically approved before any action begins.

21 May, 2026

AI Agents IAM Security Passkeys AuthZEN MCP
AI Agents Require Runtime Authorization: Just-In-Time Passkey Approval for Sensitive Actions

How the Agent Native Authorization (ANA) framework enforces Just-In-Time passkey approval for sensitive AI agent actions — no browser redirects, cryptographic proof, open standards.

10 May, 2026

AI Agents IAM Security Passkeys AuthZEN

March ²

February ¹

Mastering Secure APIs and AI Agents with Zero Trust and Fine-Grained Authorization Based on OpenID AuthZEN

A practical guide to securing APIs, MCP servers, and AI agents with Zero Trust and fine-grained authorization using the OpenID AuthZEN standard.

3 Feb, 2026

IAM Security Open Standards

January ³

2025 ¹

June ¹

Agentic AI Platform for Enterprise IAM: Secure Agent-Driven Governance with Keycloak MCP, Based on Zero-Trust Principles and Fine-Grained Authorization - From Vision to Implementation

A comprehensive guide to building a secure enterprise IAM platform with Keycloak MCP, AuthZEN, and AI agents — covering architecture, open standards, and real-world implementation.

7 Jun, 2025

keycloak agentic-ai mcp-server ai ai-agent

2024 ³

December ¹

Building Scalable Multi-Tenancy Authentication and Authorization using Open Standards and Open-Source Software

How to build scalable multi-tenancy authentication and authorization for B2B platforms using Keycloak Organizations, OpenFGA ReBAC, and Apache APISIX.

8 Dec, 2024

openfga keycloak authentication authorization multi-tenant

July ¹

Deep Dive into Enhancing User Experience with Native Authentication (OAuth 2.0 for First-Party Apps) and Passkeys in Keycloak

A deep dive into native authentication for first-party apps using OAuth 2.0 and Passkeys in Keycloak — eliminating browser redirects for a seamless login experience.

25 Jul, 2024

keycloak native app-authentication passkey enhance-user-experience

June ¹

Mastering Access Control: Low-Code Authorization with ReBAC, Decoupling Patterns and Policy as Code

How to implement low-code, fine-grained authorization using ReBAC, decoupling patterns, and Policy as Code — with Keycloak, OpenFGA, and Apache APISIX.

28 Jun, 2024

rebac authorization low-code apache-apisix openfga

2023 ¹

July ¹

Keycloak Workshop for Step Up with MFA Biometrics Authentication (Passkeys) and Passwordless experience with Passkey autofill

A hands-on workshop covering step-up authentication with MFA, biometric Passkeys, passwordless login, and Passkey autofill using Keycloak.

20 Jul, 2023

IAM Security Open Standards

2022 ²

October ¹

Keycloak integration with OpenFGA (based on Zanzibar) for Fine-Grained Authorization at Scale (ReBAC)

How to integrate Keycloak with OpenFGA (inspired by Zanzibar) to implement scalable Relationship-Based Access Control (ReBAC) with fine-grained authorization.

21 Oct, 2022

openfga api keycloak authorization auth0

January ¹

Keycloak Step-Up and Multi-factor Authentication (MFA) for Web Apps and API

How to implement step-up authentication and Multi-Factor Authentication (MFA) for web apps and APIs using Keycloak, with ACR levels and OPA policy enforcement.

18 Jan, 2022

openid-connect keycloak multifactorauthentication api oauth2