Framework enables encrypted, human-approved credential access for autonomous agents
SANTA BARBARA, Calif.–(BUSINESS WIRE)–Bitwarden, the trusted leader in password, passkey, and secrets management, today announced the Agent Access SDK, an open standard to help organizations and developers securely manage how AI agents request, receive, and use credentials. The Agent Access SDK is a standalone, open source development toolkit that does not introduce any AI functionality into the Bitwarden product and does not grant AI systems persistent or unrestricted access to vault data. Currently in an early alpha phase, the SDK is intended for developers exploring secure access patterns, not for production credential orchestration or autonomous access.
Identity remains the leading cause of security breaches. As organizations adopt AI agents to automate workflows, those systems increasingly require credentials to access applications and services. Without appropriate safeguards, the use of AI agents can introduce risks including overscoped access, credential exposure, and limited visibility into how automated systems interact with sensitive information.
A secure framework for agent credential access
The Agent Access SDK establishes a secure framework for how AI agents request credentials from password managers and other software solutions while maintaining human oversight. Instead of granting agents broad access to stored credentials, the framework supports just-in-time credential access tied to specific tasks.
When an agent needs access to a credential, the SDK enables requests to be sent through an end-to-end encrypted channel that is presented to the user for approval. Once approved, the credential is securely transmitted to complete the approved action. This workflow allows teams and developers to benefit from AI-driven automation while maintaining visibility and control over credential usage. Credential access is limited to user-approved, just-in-time access, helping ensure agents operate within tightly scoped boundaries rather than persistent access to vault data.
The SDK is independent from the Bitwarden product and is designed for developers building or evaluating secure credential access patterns in external AI-driven workflows.
With the Agent Access SDK, Bitwarden is helping define a model for credential security in agent-driven workflows as autonomous systems become more integrated into everyday computing environments.
Preparing for evolving identity workflows
Identity security is expanding beyond traditional user authentication models. As autonomous agents increasingly interact with applications and services, organizations and developers must extend existing identity protections to these agent-driven interactions.
The Agent Access SDK supports this shift by providing:
- Just-in-time credential access, allowing agents to access only the credentials required for a specific task when needed.
- End-to-end encryption, helping ensure credentials remain protected throughout the credential exchange process.
- Human-in-the-loop approval, giving users visibility and control over every credential used by an automated workflow.
- Prevent plaintext exposure, supporting injection of encrypted credentials into the process, instead of shared to the agent in plaintext chats or .env files.
Together, these safeguards help reduce credential exposure risks while maintaining control over how automated tools access sensitive systems.
Open collaboration and early availability
The Agent Access SDK is available today in alpha phase as an open source project, providing early access for community collaboration and experimentation. Developers, security professionals, and organizations are invited to explore the framework, review the codebase, build with it in their own development environments, and contribute to the advancement of secure agent credential workflows. At this time, use of the SDK within business production systems is not recommended.
As an open standard, it invites transparency, independent review, and broad adoption across the security ecosystem, allowing the community to collaboratively develop safer credential access models as automation and agent-driven workflows evolve.
For more information about the Agent Access SDK and secure AI agent credential access, visit: https://bitwarden.com/blog/introducing-agent-access-sdk/
About Bitwarden
Bitwarden equips enterprises and individuals with the power to securely manage and share information online with trusted open source security solutions. With a password manager for everyone, users can easily manage their entire online identity anywhere. Bitwarden Secrets Manager and Passwordless.dev enhance developer secrets security and streamline passkey development for end users and workforce authentication. Founded in 2016, Bitwarden serves over 50,000 businesses and more than 10 million users worldwide across 180 countries in 50+ languages. The company is headquartered in Santa Barbara, California. Learn more at bitwarden.com.
Contacts
Press Contact:
Mike Stolyar
Director of Communications
[email protected]
