MODULE 05

Identity Passthrough
for AI Agents

When an AI queries data on behalf of a user, who runs the query? Learn to implement identity passthrough so AI respects user permissions and generates meaningful audit trails.

~8 min read
Intermediate
Identity & Access
Full Step-by-Step Documentation ~20 min

🎯 What is Identity Passthrough?

Identity passthrough means the AI system doesn't become the identity. Instead, it acts on behalf of the authenticated user, so permissions, row-level security, and audit logs still apply as if the user made the request directly.

Without identity passthrough, AI queries typically run under a shared service account. Every request then carries the same (usually broad) permissions, regardless of who asked, and the audit log attributes every query to "AI Service" instead of to the actual user. That's a compliance nightmare, and it also means the agent's credential is worth far more to an attacker than any single user's.

Three Critical Benefits

🔐

Proper Data Access

Database-level security (row-level security, column masking) applies automatically.

📋

Meaningful Audit Trails

Logs show actual user identity, not generic service accounts.

🛡️

Blast Radius Containment

Compromised sessions only access what that specific user could access.

🔄 How Token Forwarding Works

The AI application receives the user's authentication token and includes it with every API call to DreamFactory. The agent treats that token as the user's credential: it forwards it as received, never writes it to logs or prompts, and never caches it beyond the user's session.

👤 User: authenticates with the identity provider and receives a token
🤖 AI Agent: receives the token and forwards it unchanged
🔌 DreamFactory: validates the token and applies that user's permissions
🗄️ Database: the query runs as the user

💻 Implementation Example

Python
import os
import requests

# Assumption: the DreamFactory base URL is supplied via the environment.
DREAMFACTORY_URL = os.environ["DREAMFACTORY_URL"]

def ai_query_with_passthrough(user_token, query_params):
    """
    AI generates the query parameters, but the request carries the
    user's own token, so database permissions apply to the actual user.
    """

    # The key: pass the user's token, not a service account credential.
    # (DreamFactory also accepts the session token in the
    # X-DreamFactory-Session-Token header.)
    response = requests.get(
        f"{DREAMFACTORY_URL}/api/v2/db/_table/orders",
        headers={
            "Authorization": f"Bearer {user_token}",
            "Accept": "application/json",
        },
        params=query_params,
        timeout=10,
    )

    # A 401/403 here means DreamFactory rejected the token or the user
    # has no access to this table; surface that instead of returning junk.
    response.raise_for_status()

    # Results are already filtered by the user's permissions.
    # Audit log shows: "User: john.doe@company.com"
    # NOT: "User: ai-service-account"
    return response.json()

🔗 Supported Identity Providers

DreamFactory supports identity passthrough with all major enterprise identity systems:

🏢
Active Directory / LDAP
🔑
SAML 2.0 (Okta, OneLogin)
🌐
OAuth 2.0 / OIDC
☁️
Azure AD / Entra ID
🗄️
Database Native Auth
🎫
JWT Tokens

💡 Why Blast Radius Matters

⚠️

Without Identity Passthrough

A compromised AI session using a shared service account potentially exposes all data the service account can access. One breach = everything.

With Identity Passthrough

A compromised session can only access data that specific user was authorized to see. The blast radius is contained to one user's permissions.
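The following is an added example, not DreamFactory's own code, that puts both sides of the token-forwarding flow from "How Token Forwarding Works" into one runnable file and then measures the blast-radius difference described just above. The identity provider, the gateway, the orders table, the users and their row-level policy, and the HMAC signing key are all constructed stand-ins so it runs offline; the real product validates tokens from the providers listed earlier, and its audit format differs.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed sample data: an orders table and the per-user policy that the
# gateway enforces as row-level security (none of this is DreamFactory's own).
ORDERS = [
    {"id": 1, "region": "EMEA", "owner": "john.doe@company.com", "total": 1200},
    {"id": 2, "region": "EMEA", "owner": "amy.lee@company.com", "total": 300},
    {"id": 3, "region": "APAC", "owner": "raj.patel@company.com", "total": 950},
    {"id": 4, "region": "AMER", "owner": "ana.ruiz@company.com", "total": 4100},
]
USERS = {
    "john.doe@company.com": {"role": "sales_rep", "region": "EMEA"},
    "amy.lee@company.com": {"role": "regional_manager", "region": "EMEA"},
    "ai-service-account": {"role": "admin", "region": "*"},  # the shared account
}
SIGNING_KEY = b"demo-only-key-shared-by-idp-and-gateway"  # assumption for the demo
TOKEN_TTL = 900  # seconds; short-lived tokens limit replay of a stolen one
AUDIT_LOG = []   # the gateway's audit trail


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(user: str, now: Optional[float] = None) -> str:
    """Step 1 (identity provider): user authenticates, gets a signed, expiring token."""
    now = time.time() if now is None else now
    payload = json.dumps({"sub": user, "exp": int(now + TOKEN_TTL)}).encode()
    sig = hmac.new(SIGNING_KEY, payload, hashlib.sha256).digest()
    return b64url_encode(payload) + "." + b64url_encode(sig)


def validate_token(token: str, now: Optional[float] = None) -> str:
    """Step 3 (gateway): verify signature and expiry before trusting the subject."""
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 2:
        raise PermissionError("malformed token")
    payload, sig = b64url_decode(parts[0]), b64url_decode(parts[1])
    expected = hmac.new(SIGNING_KEY, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):
        raise PermissionError("bad signature")  # forged or tampered claims
    claims = json.loads(payload)
    if claims["exp"] < now:
        raise PermissionError("token expired")
    return claims["sub"]


def gateway_query_orders(token: str, region: Optional[str] = None,
                         now: Optional[float] = None) -> list:
    """Steps 3-4 (gateway + database): run the query as the token's user."""
    user = validate_token(token, now)
    policy = USERS.get(user)
    if policy is None:
        raise PermissionError("unknown user")
    rows = [r for r in ORDERS if region is None or r["region"] == region]
    # Row-level security is applied here, from the validated identity, not
    # from anything the caller (the agent) asserts about itself.
    if policy["role"] == "sales_rep":
        rows = [r for r in rows if r["owner"] == user]
    elif policy["role"] == "regional_manager":
        rows = [r for r in rows if r["region"] == policy["region"]]
    # "admin" (the shared service account) sees everything.
    AUDIT_LOG.append({"user": user, "table": "orders", "rows_returned": len(rows)})
    return rows


def ai_agent_query(user_token: str, query_params: dict,
                   now: Optional[float] = None) -> list:
    """Step 2 (AI agent): forward the caller's token unchanged; hold no credential of its own."""
    return gateway_query_orders(user_token, query_params.get("region"), now)


def blast_radius(user: str) -> dict:
    """The same query issued from a compromised session, once with the user's
    token and once with the shared service account: the gap is the attacker's gain."""
    as_user = ai_agent_query(issue_token(user), {})
    as_service = ai_agent_query(issue_token("ai-service-account"), {})
    return {"as_user": len(as_user), "as_service_account": len(as_service)}


if __name__ == "__main__":
    print(blast_radius("john.doe@company.com"))  # {'as_user': 1, 'as_service_account': 4}
    print(AUDIT_LOG)
```

Two things to check in a real deployment follow directly from this sketch: the containment only holds if the agent process has no second, privileged credential lying around (an API key for a service account alongside the forwarded user token defeats the purpose), and the gateway, not the agent, must be the party that validates signature and expiry, since anything the agent asserts about the caller is just input.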

🚀 Next Steps

  • Read the full blog post for detailed implementation guides
  • Explore Module 02 to learn about MCP Server configuration
  • Review your current AI integrations. Are they using identity passthrough?

Ready to implement? Get the complete step-by-step guide with code examples, screenshots, and troubleshooting tips.
