Anthropic adds workload identity federation

- Anthropic added Workload Identity Federation to the Claude API, letting apps authenticate with short-lived OIDC tokens from AWS, Google Cloud, Azure, GitHub, Kubernetes, and Okta. (platform.claude.com)
- The key change is a token-exchange flow at `POST /v1/oauth/token`, where Anthropic validates a workload JWT against console rules, then issues a short-lived access token. (platform.claude.com)
- That matters because Claude API auth now supports keyless production setups, cutting exposure from non-expiring API keys and fitting existing cloud identity controls. (platform.claude.com)

Anthropic’s Claude API just got a more enterprise-shaped login path. Instead of stuffing a long-lived API key into a server, CI job, or Kubernetes secret, a workload can now show up with a short-lived identity token from its own platform and swap that for temporary Claude access. That sounds small, but it fixes one of the most annoying parts of production AI plumbing — static secrets that never really die. (platform.claude.com) Anthropic quietly turned that pattern into a first-class documented feature with Workload Identity Federation. (platform.claude.com)

### What is Anthropic actually adding?

Workload Identity Federation, or WIF, is a way for a machine workload — not a human — to authenticate to the Claude API using an OpenID Connect token issued by an identity provider it already trusts. (platform.claude.com) Anthropic’s docs name AWS IAM, Google Cloud, Microsoft Entra ID, GitHub Actions, Kubernetes service accounts, SPIFFE, and Okta as supported patterns or standards-compliant issuers.

### Why is that better than an API key?

API keys are easy, but they are also static secrets. Anthropic’s own auth docs still position keys as the quick-start option for local development and scripts, and note that they do not expire. That means teams have to store them, rotate them, and worry about where they leaked. (platform.claude.com) WIF flips that model — the token expires in minutes, so the blast radius is much smaller if something escapes.

### How does the flow work?

The basic pattern is simple. A workload gets a signed JWT from its cloud or identity platform. Anthropic checks that JWT against trust rules configured in the Claude Console, then returns a short-lived access token tied to a service account inside the organization. Under the hood, the exchange happens through `POST /v1/oauth/token` using the OAuth JWT-bearer grant from RFC 7523, with fields including the JWT assertion, federation rule ID, organization ID, and service account ID. (platform.claude.com)

### What does Anthropic make you configure?

Anthropic’s side has three main pieces — a service account, a registered issuer, and a federation rule. The rule is the important bit. It decides which incoming tokens are allowed based on claims like issuer, subject, repository, branch, or service-account identity. (platform.claude.com) Basically, Anthropic is not just trusting “GitHub” or “Google Cloud” in the abstract. It is trusting a very specific workload identity pattern you define.

### Which platforms matter most here?

The cloud-provider guides make clear this is aimed at real production environments. AWS support covers Lambda, EC2, ECS, and EKS, with a recommended STS-based token path. Google Cloud covers Cloud Run, Cloud Functions, App Engine, Compute Engine, and GKE. (platform.claude.com) Azure covers managed identities and AKS via Entra Workload Identity. GitHub Actions gets a dedicated CI/CD flow, and Okta covers service applications using `client_credentials`.

### Is this a complete security fix?

Not really — and Anthropic says that pretty plainly. WIF only works as well as the upstream identity system issuing the token. If your cloud IAM setup is sloppy, federating that sloppiness into Claude does not help. The gain is that AI access can now sit inside the same workload identity, conditional access, and audit patterns security teams already use elsewhere. (platform.claude.com)

### So why does this matter now?

Because AI APIs have been living in an awkward middle ground. Teams want to treat model access like any other production dependency, but too often they still authenticate with a copied secret in an environment variable. Anthropic is closing that gap. The practical result is not “better prompts.” It is cleaner service-to-service auth, fewer secrets in repos and CI systems, and a much easier story for companies that already run on zero-trust-ish identity controls. (platform.claude.com)

### Bottom line?

Anthropic did not change what the Claude API can do. It changed how serious teams can reach it. And for enterprise AI, that is one of the most important upgrades you can ship. (platform.claude.com 1) (platform.claude.com 2)
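To make the token exchange and the federation-rule check described above concrete, here is an added Python model of the verifier side of the flow. It is my example, not Anthropic's code and not the Claude API's real wire format: only the `grant_type` URN and the `assertion` field come from RFC 7523. The `federation_rule_id` parameter name, the rule schema, the audience string, the response fields, the 15-minute lifetime, and the HS256 shared-key signing (a stand-in for verifying the issuer's RS256 signature against its published JWKS) are assumptions constructed for the demo. The point it shows is the one the article makes: the issuer is only trusted for tokens whose claims match a rule you defined, and a token from the right issuer but the wrong branch, or an expired token, never becomes an access token.

```python
"""Added example: a toy model of OIDC workload-token exchange (RFC 7523
JWT-bearer grant) gated by a federation rule. Not Anthropic's code."""
import base64
import hashlib
import hmac
import json
import secrets
import time

JWT_BEARER = "urn:ietf:params:oauth:grant-type:jwt-bearer"  # RFC 7523 grant type
AUDIENCE = "https://api.example.invalid/wif"  # constructed placeholder audience
TOKEN_TTL_SECONDS = 900  # assumed lifetime; the article only says "minutes"

# Constructed registry: trusted issuer -> verification key. Real deployments
# fetch the issuer's public RS256 keys from its JWKS; HS256 is a demo stand-in.
ISSUER_KEYS = {"https://token.actions.githubusercontent.com": b"demo-issuer-key"}

# Constructed rule schema: which issuer, which claims must match, which
# service account the resulting access token is bound to.
RULES = {
    "rule_main_deploy": {
        "issuer": "https://token.actions.githubusercontent.com",
        "service_account_id": "sa_example_ci",
        "claims": {"repository": "acme/app", "ref": "refs/heads/main"},
    },
}


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_workload_jwt(claims: dict, key: bytes) -> str:
    """Issuer side (demo): produce a compact HS256 JWT for the given claims."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64url(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64url(sig)}"


def verify_jwt(token: str, now: float) -> dict:
    """Check structure, algorithm, issuer key, signature, expiry and audience."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    h, b, s = parts
    header = json.loads(_b64url_decode(h))
    if header.get("alg") != "HS256":  # pin the algorithm; never accept "none"
        raise ValueError("unexpected alg")
    claims = json.loads(_b64url_decode(b))
    key = ISSUER_KEYS.get(claims.get("iss"))
    if key is None:
        raise ValueError("unknown issuer")
    expected = hmac.new(key, f"{h}.{b}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(s)):
        raise ValueError("bad signature")
    if claims.get("exp", 0) <= now:
        raise ValueError("token expired")
    if claims.get("aud") != AUDIENCE:
        raise ValueError("wrong audience")
    return claims


def rule_matches(rule: dict, claims: dict) -> bool:
    """Every claim the rule names must equal the token's claim exactly."""
    if claims.get("iss") != rule["issuer"]:
        return False
    return all(claims.get(k) == v for k, v in rule["claims"].items())


def exchange(request: dict, rules: dict, now: float = None) -> dict:
    """Model of the token endpoint: JWT assertion in, short-lived token out."""
    now = time.time() if now is None else now
    if request.get("grant_type") != JWT_BEARER:
        return {"error": "unsupported_grant_type"}
    rule = rules.get(request.get("federation_rule_id"))  # assumed parameter name
    if rule is None:
        return {"error": "invalid_request", "error_description": "unknown rule"}
    try:
        claims = verify_jwt(request.get("assertion", ""), now)
    except ValueError as exc:
        return {"error": "invalid_grant", "error_description": str(exc)}
    if not rule_matches(rule, claims):
        return {"error": "invalid_grant", "error_description": "rule mismatch"}
    return {
        "access_token": "wif-" + secrets.token_urlsafe(24),
        "token_type": "Bearer",
        "expires_in": TOKEN_TTL_SECONDS,
        "service_account_id": rule["service_account_id"],
    }


def demo(now: float = 1_700_000_000.0) -> dict:
    """Run four constructed GitHub-Actions-style tokens through the exchange."""
    iss = "https://token.actions.githubusercontent.com"
    base = {"iss": iss, "aud": AUDIENCE, "repository": "acme/app", "exp": now + 300}
    good = mint_workload_jwt({**base, "ref": "refs/heads/main",
                              "sub": "repo:acme/app:ref:refs/heads/main"}, ISSUER_KEYS[iss])
    branch = mint_workload_jwt({**base, "ref": "refs/heads/feature-x",
                                "sub": "repo:acme/app:ref:refs/heads/feature-x"}, ISSUER_KEYS[iss])
    expired = mint_workload_jwt({**base, "ref": "refs/heads/main", "exp": now - 1}, ISSUER_KEYS[iss])
    wrong_key = mint_workload_jwt({**base, "ref": "refs/heads/main"}, b"not-the-issuer-key")

    def req(tok):
        return {"grant_type": JWT_BEARER, "assertion": tok, "federation_rule_id": "rule_main_deploy"}

    return {name: exchange(req(tok), RULES, now)
            for name, tok in [("good", good), ("branch", branch),
                              ("expired", expired), ("wrong_key", wrong_key)]}


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:10s} {result}")
```

Only the `good` token (right issuer, right repository, `main` branch, unexpired) yields an access token; the same issuer's token for `feature-x` fails the rule, and the expired and wrongly signed tokens never reach the rule at all. That ordering (verify the token, then evaluate your rule, then mint something short-lived) is what lets the exchange inherit whatever discipline the upstream IAM already enforces, and no more.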
