Skip to main content

Acting on Its Own

In this walkthrough, John asks the Wayfinder Concierge for flights from Colombo to Singapore and follows up with a request for recommendations. The Concierge answers from the booking API catalog. No popup, no extra consent — it makes the calls under its own identity, using its M2M token.

Prerequisites

Complete Setup before starting this walkthrough.

Background

Connect to Services covers the requirements story behind this use case.

Walk Through the Use Case

  1. Sign in to Wayfinder as john.doe and open the chat widget.

  2. Send:

    What flights are there from Colombo to Singapore?

    The AI Agent recognises this as a browsing tool. It calls the search_flights MCP tool with its own M2M token, and replies in the chat with the list of available flights.

  3. Send a follow-up:

    Suggest a few flight deals.

    This calls the recommend_flights MCP tool, which requires the booking:recommend scope. The agent gets it because it requests scope=booking:recommend when fetching its M2M token. The Recommender role you assigned to WAYFINDER-CONCIERGE during setup grants exactly that permission.

No consent popup appears at any point. The user never sees the agent's M2M token — it lives entirely inside the AI Agent.

Try a Variant

  • Tail the AI Agent logs while sending the message. You can see the client_credentials token request go out to ThunderID with scope=booking:recommend, and the Authorization: Bearer … header on the MCP call.
  • Remove the Recommender role assignment from the agent in the Console. Ask for recommendations again and watch the agent surface the 403 back to you in natural language — the M2M token no longer carries booking:recommend.
Concepts

Agent identity. WAYFINDER-CONCIERGE is a first-class principal in ThunderID with its own credentials. Treating it as an identity — not just an API key — is what lets you grant, restrict, audit, and revoke its access independently of any user. See Manage Agents and Agent Authentication.

Authorization. The recommend_flights tool is protected by booking:recommend on the booking-api resource server. The agent's M2M token carries that permission because the agent holds the Recommender role — exactly the same requireScope check that gates user tokens applies to the agent's. See Authorization.

ThunderID LogoThunderID Logo

Product

DocsAPIsSDKs

Community

ContributingDiscussionsReport an Issue

Resources

ReleasesGitHub
© WSO2 LLC. All rights reserved.Privacy PolicyCookie Policy