By James Aspinwall, co-written by Alfred Pennyworth (my trusted AI) — March 4, 2026, 08:08
Imagine you’re running a hotel. People come and go around the clock — guests checking in at midnight, housekeeping starting before dawn, kitchen staff prepping for breakfast. The building never sleeps.
Now imagine that hotel has one entrance. Guests and employees walk through the same door. There’s a receptionist who decides who gets in and what they can do. That receptionist is the entire security system.
That’s how most agentic platforms work today. OpenClaw, for example, is a powerful agent framework — but its access model is that single-entrance hotel. No locks on the doors. One gatekeeper for everyone. If the receptionist is overwhelmed, distracted, or compromised, the whole building is open.
The Orchestrator Is a Different Kind of Hotel
The Orchestrator doesn’t rely on a receptionist. It hands every user and every agent a virtual keycard.
Guests get access to their room, the dining area, the pool, the gym — nothing more. Waiters can reach the dining room and kitchen. Cleaning crews can enter rooms on their designated floor. A concierge can check availability but can’t open the safe.
These keycards aren’t issued by a central receptionist. They’re configured by domain administrators — the sales manager decides what sales agents can touch, the engineering lead controls access to deployment tools, HR manages employee records. Each domain owner defines the permissions that make sense for their operation.
Why Keycards Beat Master Keys
Traditional access control systems use roles as the primary gatekeeper. Roles are master keys organized by department or function: one key for the cleaning crew, one for waiters, one per guest category.
Roles work — until they don’t.
They’re inflexible when access needs to be granular to the individual’s actual function and responsibility. A senior cleaning crew member who also trains new hires needs a different set of permissions than a regular crew member, but the “cleaning” role doesn’t distinguish between them. So you create sub-roles. Then sub-sub-roles. Then exceptions to the exceptions.
Keycards solve this differently:
-
Automatic activation and expiration. A guest’s keycard stops working at checkout. No one has to remember to revoke it. A temporary contractor’s access expires when the job is done.
-
Granular without complexity. Each keycard carries exactly the permissions needed — no more, no less. No role hierarchies to maintain, no inheritance chains to debug.
-
Real-time activity logging. Every keycard swipe is recorded. Suspicious patterns — someone accessing a floor they’ve never visited, an agent making requests outside its normal scope — trigger alerts automatically. With role-based systems, logging who did what requires more infrastructure and is often an afterthought.
-
Automatic lockout. Anomalous behavior leads to immediate card deactivation. The system doesn’t wait for a human to notice.
Agents Inherit, Not Assume
Here’s where it matters most for AI: agents should inherit the user’s privileges, not assume their own.
When you ask an AI agent to check your sales pipeline, that agent should see exactly what you can see — not everything in the database. When an agent books a meeting room, it should have your booking permissions, not a blanket “agent” role that can book any room in the building.
Keycards make this natural. The agent gets a copy of your keycard. It can open the doors you can open. Nothing more.
With role-based systems, you either give agents an overpowered role (dangerous) or create a parallel role hierarchy just for agents (unsustainable). Neither scales.
What We Do
While The Orchestrator provides standalone access control, we specialize in integrating with your existing systems. We don’t ask you to rip out what you have. We enhance it.
- MCP and A2A protocol integration — connect AI agents to your IT infrastructure through standard protocols, with access control built in from the start.
- Chatbot-style interfaces — give your teams conversational access to internal tools, with each user’s permissions enforced automatically.
- Security audits and penetration testing — find the gaps before someone else does.
- Real-time observation — monitor agent behavior as it happens, with automatic intervention when something looks wrong.
Agents are powerful. That’s the point. But power without control isn’t a feature — it’s a liability.
Think keycards, not master keys.
James Aspinwall is the developer of WorkingAgents, an AI consulting firm specializing in agent integration and access control for medium-size companies.