User interfaces are our primary gateway into the digital world. Every login, form completion, or app navigation is designed to demand your direct engagement. Yet with artificial intelligence on the rise, this long-standing paradigm is now under scrutiny - challenging the very notion of what “user experience” should be.

This evolution isn’t entirely new. Only a decade ago, we saw the Consumerization of Enterprise: businesses began adopting the sleek designs and user-friendly features of consumer apps (like smartphones and social platforms) within corporate software. Back then, control shifted from centralized IT to agile teams, setting new expectations for user experience despite challenges like data management and subscription overhead.

A similar transformation is now on the horizon. Soon, the vast majority of digital interactions will be mediated by intelligent agents. This shift collides with an infrastructure built for direct human control, exposing friction whenever an AI attempts to handle our routine tasks. The moment one gives an AI assistant the task of booking an appointment or answering an email you discover how painfully human-centric our current systems are. Tokens expire. Passwords need reentry. OAuth permissions typically only enable very course means to limit access rights. Agentic Experience (AX) will supercede User Experience (UX). Agents will navigate the complex digital terrain, manage repetitive tasks, and sift through noise such that humans can concentrate on creativity and insight.

While we’ve witnessed tremendous progress in automation over recent years, much of today’s digital infrastructure remains fundamentally human-centric. Public APIs and protocols like OAuth 2.0 were designed in an era when manual intervention was the norm, built primarily for human users rather than for resilient digital proxies. In practice, these protocols offer only a narrow range of authorization scopes that force human interaction, leaving little room for the nuanced delegation required by intelligent agents. The spec accommodates “scopes” that can be relatively fine-grained (e.g., “read:email,” “write:calendar”), but it doesn’t dictate which specific scopes must be available - or how extensive they can be. If a user could arbitrarily define scopes (e.g., “My agent can only read emails with subject lines about scheduling”), the backend would need a robust policy engine to enforce that logic.

This limitation is compounded by an ecosystem where a patchwork of browsers, APIs, and legacy systems reinforces a significant power imbalance. A few large players dictate the available scopes and, by extension, how humans can interact with the web. Users have minimal ability to shape or refine these permissions. Even as decentralized networks strive to rebalance this dynamic, achieving secure, auditable, and user-controlled delegation across web applications remains an unsolved challenge.

We must rethink authentication from first principles. It’s not enough to have “Sign in with Google.” Agents must be able to authenticate in ways that let them represent you with precise, revocable permissions. We need a ground-up rethinking of identity, security, and delegation. Potentially, this involves ephemeral certificates, time-bound credentials, or an extended form of WebAuthn. The core principle is: your agent has exactly the privileges you grant - and nothing more. As a user itself, one should not think of it as giving up control, but as empowering a trusted partner to act in your behalf, amplifying your presence without diluting your identity.

Imagine a future where every digital interaction is an opportunity to delegate and automate wisely. In this vision, agents become our personal amplifiers and virtual co-processors. The infrastructure behind this vision is built on three pillars:

• Expressive Interaction: Systems that understand nuanced human intent and translate it into precise, machine-readable actions.
• Resilient Authentication: New protocols - that extend existing authentication solutions - allow agents to operate securely and autonomously, using frameworks like web authentication (webauthn) and browser-based interaction.
• Consented Delegation: Standards that ensure every delegated action is auditable and bound by predetermined constraints, agreed to by the human user, blending automation and accountability.

At the heart of this transformation lies a paradox: Ownership and delegation are not opposites but complements. True ownership is about control - about having your data and your identity firmly in hand. Delegation, on the other hand, is about amplifying that control. It’s about leveraging trusted agents to extend your capabilities while maximizing autonomy. Finding the balance between these forces is both a philosophical challenge and a technical one.

In a true agentic ecosystem, the notion of an “app” with a user interface will disappear. Each “application” will be an autonomous service that can negotiate, exchange information, and process tasks with your personal agent. Rather than a user opening an app to check flight prices, your agent simply communicates with the airline’s agent to find, book, and confirm a reservation - no manual interaction with checkboxes and drop-down menus.

The future of the web is not about being overwhelmed by minutiae; it’s about reclaiming our time and mental space for the truly important. The answer is not to abandon ownership, but to refine it. In our daily life, as well as at work. By learning to delegate, we unlock the potential for deeper thought, greater creativity, and a more human-centric digital experience.

Read. Write. Own. Delegate.

---

Special thanks to Joseph Bonneau and Ryan MacArthur for feedback and review.