> ## Documentation Index
> Fetch the complete documentation index at: https://docs.goantiai.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Delegations

> Let agents act on behalf of human users.

A **delegation** lets an agent act on behalf of a specific human user. The token includes the user's identity, so the audit log shows both the agent and the human it was acting for.

## How it works

```
Human user logs in → gets a session token
                          ↓
Agent exchanges human token for a delegated token
                          ↓
Delegated token contains:
  - agent identity
  - human identity (on_behalf_of)
  - scopes
```

## Why it matters for compliance

With delegations, every agent action in your audit log is traceable to a specific human. This is required for SOC 2 compliance and the EU AI Act's human oversight requirements.

## Requesting a delegated token

```bash theme={null}
curl -X POST https://api.antiailabs.com/oauth/token \
  -d "grant_type=urn:ietf:params:oauth:grant-type:token-exchange" \
  -d "subject_token=HUMAN_SESSION_TOKEN" \
  -d "requested_scope=db:read" \
  -d "client_id=YOUR_CLIENT_ID" \
  -d "client_secret=YOUR_CLIENT_SECRET"
```
