How are you handling authority/permissions for AI agents that can take real actions?

Reddit r/ArtificialInteligence News

Summary

A discussion thread seeking input on how to handle authority and permissions for AI agents that take real actions, including audit trails and scope of permissions.

I’m researching a question around AI agents and would love input from people actually building/deploying them.

As agents move from answering questions into taking actions (sending emails, approving things, ordering, changing records, negotiating, etc.), I’m curious how teams think about **agent authority**. For example:

- If an agent makes a decision that creates a commitment, how do you know it was actually within the scope of permission it was given?
- Do your current auth systems capture just “this agent can access X” or also “this agent can agree to Y but not Z”?
- If a user disputes an agent action later, is there an audit trail showing what the agent was allowed to do at that moment?

I’m coming at this from a legal/technical angle and trying to figure out whether this is a real engineering problem teams are already dealing with, or whether it’s mostly a future concern.

Would especially appreciate perspectives from anyone building agent frameworks, enterprise AI systems, security tooling, or autonomous workflows.