Agent identity: A new access model for Claude Tag

1. SPSpeaker0:00

   [instrumental music] Hey, I'm Noah. I'm the product manager for Claude Tag, a proactive multiplayer agent that works alongside your team. I want to walk you through how we design agent identity for Claude Tag and the key setup steps you'll need to take. First, the problem. When you put Claude in a channel with five people, act as a user stops making sense. Whose permissions apply? The last person who tagged Claude? The least privileged? And when Claude synthesizes a code change from five separately filed issues and an alert from your monitoring system that came in at three AM, there's no requesting user at all. So for Claude Tag, we had to rebuild the concept of agent permissioning for a product where agents collaborate proactively across multiple teammates. To do this, we decided that Claude should act as itself. It has its own account or service keys in your systems with access and admin can granularly assign an audit across different workspaces and channels. What it can reach in a channel never changes based on who asked. It's predictable for users and legible for security teams. Let me show you what setting that up actually looks like. Let's start by opening up the Claude Tag admin UI. Here you can see that I have Claude Tag set up with two main scopes: my overall workspace scope and a private channel scope for the data team. You'll notice that these scopes have zero access attached yet. If you tag Claude from this workspace, it won't be able to connect to any external systems. Let's start by provisioning default access for my Slack workspace. This is the baseline, what Claude can reach anywhere in the workspace. A good way to think about it, the workspace is your common denominator, the access you'd be comfortable with truly any member of the workspace having. Let's start by creating an access bundle. An access bundle is a named set of connections, repository access, skills, and standing instructions. I'm going to create this access bundle with the name General Tooling because it's what I'm going to provision for, again, everyone in my workspace. And the first connection I'm going to apply into this access bundle is for a general project management software. This is something everyone in the workspace already touches and uses every day. And here's the part that matters. The credential I'm pasting is one I made for Claude, not mine, not a teammate's. It's an account for my agent scoped on the provider side to exactly what I want Claude to read. We're going to test the credential. Awesome. And good to go. So great. So now I've provisioned a access bundle that holds this project management software. I'm now going to take that access bundle and attach it to my workspace, which is actually what grants the access to everyone in my Slack workspace. You'll now see this access shows up and every single channel in the workspace inherits it. Tag Claude anywhere, and it can read the project tracker with the scopes I set under its own name. Let's hop over to Slack and give that a spin. [instrumental music] Now for the step up. For the data team's private channel, I'm going to create a second access bundle, this one with read access to our data warehouse, and assign it just to their channel. That warehouse credential only exists in this channel. Everywhere else in the workspace, Claude can't reach it. The channel is the boundary. This is how we'll provision more sensitive credentials that should be scoped to singular teams. [instrumental music] And then there are credentials that should never belong in a shared space at all. Think highly sensitive or need to know tools like recruiting software or people data. For those, use a DM. When you DM Claude Tag, Claude runs your own Claude AI account, your connections, your credentials. In the channel, think about Claude as a general teammate. In a DM, it's your personal assistant with all of your own tools. And that's really the model, the agent identity model that powers Claude Tag, a workspace baseline as your common denominator for access for everyone in your company. Channel step-ups where a specific team needs more and DMs for what should truly stay personal. It's what lets a whole channel steer the same Claude without anyone's personal credentials in play and without the answer to what can Claude do changing every time someone new joins this thread. Set it up once, and your whole team benefits. Thank you so much for watching, and I'm excited to hear about how your team tags Claude in. [instrumental music]

Episode duration: 4:28