ADR-037: A2A Authentication Strategy

Status: Proposed
Version: 1.0
Date: 2026-01-04
Supersedes: N/A
Related ADRs: ADR-038 (A2A Protocol & Semantic Kernel Integration)
Related PRDs: PRD-027

Context

The A2A Gateway receives tasks and messages from external agents. PRD-027 requires authenticated task reception and declares OAuth 2.0 bearer tokens as a supported authentication scheme. SDS-056 enforces Task.authenticated as a policy precondition, but the authentication mechanism is not specified.

Without an explicit authentication strategy:

Decision

Authenticate A2A gateway requests with bearer tokens carried in the Authorization header (Authorization: Bearer <token>), handled by a dedicated authentication middleware/adapter that:

  1. Extracts the bearer token from the Authorization header.
  2. Validates the token via the SEA™ authentication service or provider.
  3. Produces an AuthContext with is_authenticated, subject, and scopes.
  4. Sets Task.authenticated based on AuthContext.is_authenticated.

The A2A gateway MUST reject unauthenticated requests for endpoints that create or mutate tasks, returning a standard UNAUTHENTICATED error response.
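The four steps above and the rejection rule, worked through as an added example that is not part of this ADR or the project's code base. It assumes Python with snake_case names matching the ADR (AuthContext, is_authenticated, subject, scopes, Task.authenticated). The SEA authentication service is not available here, so token validation is a hypothetical in-memory introspection table built from constructed sample records; a real adapter would call the service and return the same AuthContext shape. "Endpoints that create or mutate tasks" is approximated by the HTTP verbs POST, PUT, PATCH and DELETE, which is an assumption.

```python
from __future__ import annotations

import hashlib
from dataclasses import dataclass
from typing import Callable, Mapping, Optional


@dataclass(frozen=True)
class AuthContext:
    """Output of token validation (step 3 of the ADR)."""
    is_authenticated: bool
    subject: Optional[str] = None
    scopes: frozenset[str] = frozenset()


ANONYMOUS = AuthContext(is_authenticated=False)


@dataclass
class Task:
    task_id: str
    authenticated: bool = False   # the field SDS-056 checks as a policy precondition
    auth: AuthContext = ANONYMOUS


class Unauthenticated(Exception):
    """Carries the standard UNAUTHENTICATED error response body."""
    def __init__(self, reason: str) -> None:
        super().__init__(reason)
        self.response = {"error": {"code": "UNAUTHENTICATED", "message": reason}}


# Step 1: extract the bearer token from the Authorization header.
def extract_bearer(headers: Mapping[str, str]) -> Optional[str]:
    """Return the token, or None when the header is absent or malformed.

    Header names match case-insensitively; the scheme name is case-insensitive
    (RFC 6750) but the token itself is passed through unchanged.
    """
    value = next((v for k, v in headers.items() if k.lower() == "authorization"), None)
    if value is None:
        return None
    parts = value.strip().split()
    if len(parts) != 2 or parts[0].lower() != "bearer" or not parts[1]:
        return None            # "Basic ...", a bare "Bearer", or extra tokens
    return parts[1]


# Step 2: validate the token. Hypothetical stand-in for the SEA authentication
# service: an introspection table (constructed data) keyed by SHA-256 of the
# token so raw tokens are never held in memory by the gateway.
TokenValidator = Callable[[str], AuthContext]
NOW = 1_767_225_600  # constructed fixed clock (2026-01-01T00:00:00Z) for determinism


def _digest(token: str) -> str:
    return hashlib.sha256(token.encode()).hexdigest()


def make_table_validator(records: list[dict], now: int = NOW) -> TokenValidator:
    table = {_digest(r["token"]): r for r in records}

    def validate(token: str) -> AuthContext:
        rec = table.get(_digest(token))
        if rec is None or rec["expires_at"] <= now:
            return ANONYMOUS   # unknown or expired tokens never authenticate
        return AuthContext(True, rec["subject"], frozenset(rec["scopes"]))

    return validate


# Steps 3 and 4: build the AuthContext and set Task.authenticated from it.
MUTATING_METHODS = {"POST", "PUT", "PATCH", "DELETE"}  # assumption: create/mutate verbs


def authenticate(headers: Mapping[str, str], validator: TokenValidator) -> AuthContext:
    token = extract_bearer(headers)
    return validator(token) if token else ANONYMOUS


def receive_task(method: str, task_id: str, headers: Mapping[str, str],
                 validator: TokenValidator) -> Task:
    """Gateway entry point: unauthenticated create/mutate requests are rejected."""
    ctx = authenticate(headers, validator)
    if method.upper() in MUTATING_METHODS and not ctx.is_authenticated:
        raise Unauthenticated("bearer token missing, malformed, unknown or expired")
    return Task(task_id=task_id, authenticated=ctx.is_authenticated, auth=ctx)


# Constructed sample credentials, not real tokens.
SAMPLE_RECORDS = [
    {"token": "tok-alice-valid", "subject": "agent:alice",
     "scopes": ["tasks:write"], "expires_at": NOW + 3600},
    {"token": "tok-bob-expired", "subject": "agent:bob",
     "scopes": ["tasks:write"], "expires_at": NOW - 1},
]
VALIDATOR = make_table_validator(SAMPLE_RECORDS)

if __name__ == "__main__":
    ok = receive_task("POST", "t1", {"Authorization": "Bearer tok-alice-valid"}, VALIDATOR)
    print(ok.authenticated, ok.auth.subject)   # True agent:alice
    try:
        receive_task("POST", "t2", {}, VALIDATOR)
    except Unauthenticated as exc:
        print(exc.response["error"]["code"])   # UNAUTHENTICATED
```

Two design points worth keeping when the table is replaced by the real SEA call: a malformed header (wrong scheme, empty token) is treated exactly like a missing one rather than surfacing a distinct error, so the response does not leak which check failed, and read-only requests still pass through with Task.authenticated set to False so downstream policy (SDS-056) remains the single place that decides what an unauthenticated task may do.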

Consequences

Alternatives Considered

  1. API keys in custom headers
  2. Mutual TLS
  3. Anonymous tasks with optional auth