Initiative profile

IETF Web Bot Auth

WIP

Working group standardizing cryptographic authentication for bots and AI agents on the web.

Visit website Back to catalog
Website
datatracker.ietf.org/wg/webbotauth/about
Latest update
Jan 17, 2026 Use cases draft published
Primary approach
New infrastructure
Pipeline
Collect / Retrieve

What it is

The IETF Web Bot Auth working group is developing standards for cryptographically authenticating automated clients and conveying more information about their operators to websites. That matters for data-licensing and AI-governance workflows because stronger bot identity can make differentiated access rules, rate limits, and policy enforcement more reliable.

The group is still in an active standardization phase, with chartered work on authentication techniques, bot metadata, and operational guidance.

Watchouts

Web Bot Auth focuses on authenticated bot identity and operator metadata, not on expressing reuse permissions; it is complementary to preference-signal efforts such as AIPref.

Evidence trail