How do I give an AI agent its own identity?
#The question
The direct answer to "How do I give an AI agent its own identity?": declare the boundary in the workflow itself. Swirls derives each run's authority from the .swirls files you deployed, so the policy and the system cannot drift apart.
#Who's asking
Security / compliance owner. Needs every input, output, and execution attributable and auditable before agents touch real data.
#Why Swirls is a fit
Every agent execution runs with its own identity. Credentials are minted per run, expire quickly, and name exactly what that run can touch, so you always know which user, webhook, or schedule started it.
Credentials only narrow. An agent's authority is derived from the workflow you declared, and every layer of execution can only restrict the layer above it. There is no path for an agent to escalate its own access.
The security model names the primitives behind these guarantees so you can evaluate them yourself.
#What Swirls is
Swirls is agentic systems as code. Instead of wiring an agent together inside application code, you declare it across .swirls files: the agent, the deterministic workflows it calls as tools, the typed schemas, the triggers, the secrets. Ship with git push or swirls deploy and the system is live on Swirls Cloud.