feat: Add Auth-Agent (Authentication for Web Agents like Browser Use and Browserbase).

[hetpatel-11]

Integrate Auth Agent (https://auth-agent.com) to enable AI agents using tools like browser-use, BrowserBase, and other agent frameworks to autonomously manage Supermemory on behalf of users.

Value Proposition

Enable AI agents (using browser-use, BrowserBase, etc.) to:

• Automatically dump memories from web browsing sessions and workflows

Implementation

• Scenario 1: Full Account Access (starting point - see docs for alternatives)
• Uses official [email protected] with built-in Auth Agent logo
• Complete OAuth 2.1 flow with PKCE security
• Token exchange and /userinfo endpoint integration
• Middleware support for Auth Agent sessions

⚠️ Customization Required

This is a functional starting point. You should:

1. ✏️ Complete Better Auth integration (see TODO comments in callback)
2. 🔧 Choose your preferred scenario (1, 2, or 3)
   • Scenario 2: Separate agent profiles with user context
   • Scenario 3: Independent agent profiles (perfect for "agent workspace")
3. 📝 Add audit logging for agent actions
4. 🔐 Implement permission controls
5. 🎨 Customize UX and error handling

See https://docs.auth-agent.com/guides/website-quickstart for all scenarios.

Changes

Added

• OAuth callback handler: apps/web/app/api/auth/auth-agent/callback/route.ts
• Auth Agent button: packages/ui/button/auth-agent-button.tsx
• Documentation: AUTH_AGENT_INTEGRATION.md (comprehensive setup guide)
• Environment config in .env.example

Modified

• Login page: Added "Sign in with Auth Agent" button
• Middleware: Recognize Auth Agent session cookies
• Auth context: Support Auth Agent sessions
• Dependencies: Added [email protected]

Setup Instructions

See AUTH_AGENT_INTEGRATION.md for:

• OAuth client registration
• Environment variable configuration
• Better Auth integration steps
• Scenario comparison and customization options
• Testing instructions with browser-use

Notes

I've tried my best to provide a solid foundation using Scenario 1 (Full Account Access) as the starting point. However, you may want to use Scenario 2 or 3 depending on your use case:

• Scenario 2: Better audit trail, separate agent profiles
• Scenario 3: Independent agent memory (great for "agent workspace" feature)

Feel free to modify anything to fit Supermemory's architecture! The Auth Agent docs at https://docs.auth-agent.com have guides for all scenarios.

[graphite-app]

How to use the Graphite Merge Queue

Add the label Main to this PR to add it to the merge queue.

You must have a Graphite account in order to use the merge queue. Sign up using this link.

An organization admin has enabled the Graphite Merge Queue in this repository.

Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue.

[hetpatel-11]

Here is the repo of Auth-Agent: https://github.com/auth-agent/auth-agent. It is fully open source. Please let me know if you find any issues integrating or anything I could do for you guys.

[hetpatel-11]

@Dhravya Let me know if there are any issues or if you have any suggestions.

[hetpatel-11]

@Dhravya Hey I noticed there is no comment yet. Is there anything I could do for you? Do you have any suggestions or preferences?

[hetpatel-11]

You could also add auth to your mcp now. https://github.com/auth-agent/mcp-auth

[MaheshtheDev]

Thanks for contribution @hetpatel-11 .

Right now, we are not planning on the another auth provider apart from better-auth and there is no huge case for ai browsers remote operate supermemory app. We have supermemory mcp for that reason