Skip to content

feat(server): Support A2A protocol (apache#1762) #2656

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Tyooughtul wants to merge 1 commit into
base: master
Choose a base branch
from
Open

feat(server): Support A2A protocol (apache#1762) #2656

Tyooughtul wants to merge 1 commit into from

Conversation

@Tyooughtul
Copy link

@Tyooughtul Tyooughtul commented Jan 31, 2026

Which issue does this PR close?

Closes #1762

Rationale

A2A protocol requires JWKS support to enable secure agent authentication with multiple identity providers. This change allows agents from different tenants to authenticate using their own public keys, and supports key rotation without requiring server restarts.

What changed?

Added JWKS support for secure agent-to-agent authentication. The implementation includes a JwksClient that fetches and caches public keys from JWKS endpoints, integrated JWKS into JwtManager for multi-tenant agent authentication, and updated HTTP middleware to support asynchronous JWT decoding. Also added TrustedIssuerConfig to support configuring multiple trusted issuers.

Local Execution

  • Passed
  • Pre-commit hooks ran

AI Usage

  1. Which tools? Grok fast
  2. Scope of usage?
  • I use ai for write test case and running scripts.
  • Some config code to test code:
# Trusted issuers for A2A (Application-to-Application) authentication
[[http.jwt.trusted_issuers]]
issuer = "test-issuer"
jwks_url = "http://127.0.0.1:8081/.well-known/jwks.json"
audience = "iggy.apache.org"
  • Some debug! to help me find bugs。
  1. How did you verify the generated code works correctly?
  • Compile successfully with cargo check --package server and cargo build --package server.
  • Test case passed.
  1. Can you explain every line of the code if asked? Yes

@Tyooughtul
feat(server): Support A2A protocol (apache#1762)
f619dbc 
- Support JWKS for A2A compliant secure agent authentication
- Enable key rotation without restarting the server
- Allow agents from different tenants to publish to the same Iggy bus
@Tyooughtul Tyooughtul closed this Jan 31, 2026
@Tyooughtul Tyooughtul reopened this Jan 31, 2026
@hubcio
Copy link
Contributor

hubcio commented Jan 31, 2026

hey! thanks for contribution - we'll check this after the weekend.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Integration with Google Agent2Agent Protocol

2 participants

@Tyooughtul @hubcio