fix(spec): Fix/1251 clarify authentication scheme #1256

darrelmiller · 2025-11-30T02:02:36Z

…ub.com/a2aproject/A2A into fix/1251-clarify-authentication-scheme

gemini-code-assist · 2025-11-30T02:02:47Z

Summary of Changes

Hello @darrelmiller, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request focuses on improving the clarity and precision of documentation within the a2a.proto specification, specifically concerning authentication details for push notifications. The changes provide more robust explanations for authentication schemes and credentials, referencing official standards to ensure a clearer and more accurate understanding for implementers.

Highlights

Authentication Scheme Clarification: The comments for the schemes field within the AuthenticationInfo message have been updated to provide more precise guidance, including references to the IANA registry and RFC 9110 for HTTP Authentication Schemes, along with common examples like Bearer, Basic, and Digest.
Credential Description Enhancement: The description for the credentials field in the AuthenticationInfo message has been clarified to specify its purpose for Push Notification credentials and to indicate that its format depends on the chosen authentication scheme.
Push Notification Authentication Wording: A minor wording improvement was made to the comment for the authentication field in the PushNotificationConfig message for better clarity.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	`/gemini review`	Performs a code review for the current pull request in its current state.
Pull Request Summary	`/gemini summary`	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	`/gemini help`	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

gemini-code-assist

Code Review

This pull request improves the clarity of comments related to push notification authentication in the a2a.proto specification. The changes fix a grammatical error and provide much more specific and helpful descriptions for authentication schemes and credentials, including links to relevant standards. While the changes are a definite improvement, they also bring to light a potential ambiguity in how credentials should be handled when multiple authentication schemes are specified. I've added a comment to discuss this further.

gemini-code-assist · 2025-11-30T02:04:00Z

specification/grpc/a2a.proto

 message AuthenticationInfo {
-  // A list of supported authentication schemes (e.g., 'Basic', 'Bearer').
+  // HTTP Authentication Schemes from the [IANA registry](https://www.iana.org/assignments/http-authschemes/).
+  // Common values: `Bearer`, `Basic`, `Digest`. Scheme names are case-insensitive per [RFC 9110 Section 11.1](https://www.rfc-editor.org/rfc/rfc9110#section-11.1).
  repeated string schemes = 1 [(google.api.field_behavior) = REQUIRED];
-  // Optional credentials
+  // Push Notification credentials. Format depends on the scheme (e.g., token for Bearer).
  string credentials = 2;
 }


While the updated comments provide much-needed clarity, they also highlight a potential ambiguity in the design of AuthenticationInfo. The schemes field is a repeated string, allowing a client to specify multiple supported authentication schemes for its webhook (e.g., Bearer and Basic). However, the credentials field is a single string.

This becomes problematic because the format of credentials is often scheme-specific. For example, a Bearer token is different from Basic auth credentials (base64(user:pass)).

How is an agent supposed to use the single credentials string if multiple schemes are listed? It's unclear which scheme the credentials belong to or how to format the Authorization header.

To resolve this, you could consider one of the following:

Clarify in comments (non-breaking): Add a comment recommending that clients specify only one scheme in the schemes list if credentials are required, to avoid ambiguity.

Refactor the message (breaking change): A more robust long-term solution would be to refactor this message to explicitly link credentials to their scheme. For example:

message AuthSchemeWithCredentials { string scheme = 1; string credentials = 2; } message AuthenticationInfo { repeated AuthSchemeWithCredentials schemes = 1; }

Given this PR is focused on clarification, option 1 might be more appropriate for now. A follow-up issue could be created to discuss a potential breaking change for a future version.

@darrelmiller Gemini makes a good point here. Maybe not the specific refactor it suggests, but it could make sense to use AuthenticationInfo as a repeated field in PushNotificationConfig

@holtskinner Yes, we need to fix this. I would choose to remove the repeated completely. Why would a calling agent provide multiple options for the server agent to use, considering it is providing all the information needed for the server agent to authenticate the callback. I think a single scheme should be sufficient.

muscariello · 2025-12-16T12:47:13Z

/vote

git-vote · 2025-12-16T12:47:16Z

Vote created

@muscariello has called for a vote on fix(spec): Fix/1251 clarify authentication scheme (#1256).

The members of the following teams have binding votes:

Team
@a2aproject/a2a-tsc

Non-binding votes are also appreciated as a sign of support!

How to vote

You can cast your vote by reacting to this comment. The following reactions are supported:

In favor	Against	Abstain
👍	👎	👀

Please note that voting for multiple options is not allowed and those votes won't be counted.

The vote will be open for 11months 29days 3h 50m 24s. It will pass if at least 51% of the users with binding votes vote In favor 👍. Once it's closed, results will be published here as a new comment.

git-vote · 2025-12-17T12:59:33Z

Vote status

So far 12.50% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
1	0	0	7

Binding votes (1)

User	Vote	Timestamp
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@ToddSegal	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

git-vote · 2025-12-18T13:18:30Z

Vote status

So far 12.50% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
1	0	0	7

Binding votes (1)

User	Vote	Timestamp
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@ToddSegal	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

git-vote · 2025-12-19T13:19:50Z

Vote status

So far 12.50% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
1	0	0	7

Binding votes (1)

User	Vote	Timestamp
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@ToddSegal	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

git-vote · 2025-12-20T13:48:30Z

Vote status

So far 25.00% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
2	0	0	6

Binding votes (2)

User	Vote	Timestamp
ToddSegal	In favor	2025-12-19 19:20:09.0 +00:00:00
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

git-vote · 2025-12-21T13:49:50Z

Vote status

So far 25.00% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
2	0	0	6

Binding votes (2)

User	Vote	Timestamp
ToddSegal	In favor	2025-12-19 19:20:09.0 +00:00:00
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

git-vote · 2025-12-22T14:18:30Z

Vote status

So far 25.00% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
2	0	0	6

Binding votes (2)

User	Vote	Timestamp
ToddSegal	In favor	2025-12-19 19:20:09.0 +00:00:00
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

git-vote · 2025-12-23T14:19:51Z

Vote status

So far 25.00% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
2	0	0	6

Binding votes (2)

User	Vote	Timestamp
ToddSegal	In favor	2025-12-19 19:20:09.0 +00:00:00
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

git-vote · 2025-12-24T14:40:33Z

Vote status

So far 25.00% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
2	0	0	6

Binding votes (2)

User	Vote	Timestamp
ToddSegal	In favor	2025-12-19 19:20:09.0 +00:00:00
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

git-vote · 2025-12-25T14:49:51Z

Vote status

So far 25.00% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
2	0	0	6

Binding votes (2)

User	Vote	Timestamp
ToddSegal	In favor	2025-12-19 19:20:09.0 +00:00:00
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

git-vote · 2025-12-26T15:10:33Z

Vote status

So far 25.00% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
2	0	0	6

Binding votes (2)

User	Vote	Timestamp
ToddSegal	In favor	2025-12-19 19:20:09.0 +00:00:00
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

git-vote · 2025-12-27T15:19:51Z

Vote status

So far 25.00% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
2	0	0	6

Binding votes (2)

User	Vote	Timestamp
ToddSegal	In favor	2025-12-19 19:20:09.0 +00:00:00
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

git-vote · 2025-12-28T15:40:34Z

Vote status

So far 25.00% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
2	0	0	6

Binding votes (2)

User	Vote	Timestamp
ToddSegal	In favor	2025-12-19 19:20:09.0 +00:00:00
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

git-vote · 2025-12-29T15:49:52Z

Vote status

So far 25.00% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
2	0	0	6

Binding votes (2)

User	Vote	Timestamp
ToddSegal	In favor	2025-12-19 19:20:09.0 +00:00:00
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

git-vote · 2025-12-30T16:10:34Z

Vote status

So far 25.00% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
2	0	0	6

Binding votes (2)

User	Vote	Timestamp
ToddSegal	In favor	2025-12-19 19:20:09.0 +00:00:00
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

git-vote · 2025-12-31T16:19:52Z

Vote status

So far 25.00% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
2	0	0	6

Binding votes (2)

User	Vote	Timestamp
ToddSegal	In favor	2025-12-19 19:20:09.0 +00:00:00
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

git-vote · 2026-01-01T16:40:35Z

Vote status

So far 25.00% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
2	0	0	6

Binding votes (2)

User	Vote	Timestamp
ToddSegal	In favor	2025-12-19 19:20:09.0 +00:00:00
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

git-vote · 2026-01-02T16:49:53Z

Vote status

So far 25.00% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
2	0	0	6

Binding votes (2)

User	Vote	Timestamp
ToddSegal	In favor	2025-12-19 19:20:09.0 +00:00:00
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

git-vote · 2026-01-03T17:10:35Z

Vote status

So far 25.00% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
2	0	0	6

Binding votes (2)

User	Vote	Timestamp
ToddSegal	In favor	2025-12-19 19:20:09.0 +00:00:00
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

git-vote · 2026-01-04T17:19:53Z

Vote status

So far 25.00% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
2	0	0	6

Binding votes (2)

User	Vote	Timestamp
ToddSegal	In favor	2025-12-19 19:20:09.0 +00:00:00
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

git-vote · 2026-01-05T17:40:35Z

Vote status

So far 25.00% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
2	0	0	6

Binding votes (2)

User	Vote	Timestamp
ToddSegal	In favor	2025-12-19 19:20:09.0 +00:00:00
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

git-vote · 2026-01-06T17:49:53Z

Vote status

So far 25.00% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
2	0	0	6

Binding votes (2)

User	Vote	Timestamp
ToddSegal	In favor	2025-12-19 19:20:09.0 +00:00:00
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

git-vote · 2026-01-07T18:10:36Z

Vote status

So far 25.00% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
2	0	0	6

Binding votes (2)

User	Vote	Timestamp
ToddSegal	In favor	2025-12-19 19:20:09.0 +00:00:00
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

git-vote · 2026-01-08T18:19:54Z

Vote status

So far 25.00% of the users with binding vote are in favor and 0.00% are against (passing threshold: 51%).

Summary

In favor	Against	Abstain	Not voted
2	0	0	6

Binding votes (2)

User	Vote	Timestamp
ToddSegal	In favor	2025-12-19 19:20:09.0 +00:00:00
muscariello	In favor	2025-12-16 12:47:26.0 +00:00:00
@darrelmiller	Pending
@lerhaupt	Pending
@geneknit	Pending
@hughesthe1st	Pending
@000-000-000-000-000	Pending
@SivaNSAP	Pending

darrelmiller added 2 commits November 29, 2025 20:57

Updated description of push notification auth fields

0da79fa

Merge branch 'fix/1251-clarify-authentication-scheme' of https://gith…

c3befc3

…ub.com/a2aproject/A2A into fix/1251-clarify-authentication-scheme

darrelmiller requested a review from a team as a code owner November 30, 2025 02:02

gemini-code-assist bot reviewed Nov 30, 2025

View reviewed changes

darrelmiller added 2 commits November 30, 2025 11:01

Added iana to the spelling list

181f2e1

Apparently I forgot my alphabet

1b7a4d5

guglielmo-san mentioned this pull request Dec 11, 2025

[Bug]: authentication Field in Push Notification Config Ignored a2aproject/a2a-js#239

Open

1 task

Merge branch 'main' into fix/1251-clarify-authentication-scheme

c060427

git-vote bot added gitvote gitvote/open labels Dec 16, 2025

fix(spec): Fix/1251 clarify authentication scheme #1256

Are you sure you want to change the base?

fix(spec): Fix/1251 clarify authentication scheme #1256

Conversation

darrelmiller commented Nov 30, 2025

Uh oh!

gemini-code-assist bot commented Nov 30, 2025

Summary of Changes

Highlights

Footnotes

Uh oh!

gemini-code-assist bot left a comment

Choose a reason for hiding this comment

Code Review

Uh oh!

gemini-code-assist bot Nov 30, 2025

Choose a reason for hiding this comment

Uh oh!

holtskinner Dec 10, 2025

Choose a reason for hiding this comment

Uh oh!

darrelmiller Dec 24, 2025

Choose a reason for hiding this comment

Uh oh!

muscariello commented Dec 16, 2025

Uh oh!

git-vote bot commented Dec 16, 2025

Vote created

How to vote

Uh oh!

git-vote bot commented Dec 17, 2025

Vote status

Summary

Binding votes (1)

Uh oh!

git-vote bot commented Dec 18, 2025

Vote status

Summary

Binding votes (1)

Uh oh!

git-vote bot commented Dec 19, 2025

Vote status

Summary

Binding votes (1)

Uh oh!

git-vote bot commented Dec 20, 2025

Vote status

Summary

Binding votes (2)

Uh oh!

git-vote bot commented Dec 21, 2025

Vote status

Summary

Binding votes (2)

Uh oh!

git-vote bot commented Dec 22, 2025

Vote status

Summary

Binding votes (2)

Uh oh!

git-vote bot commented Dec 23, 2025

Vote status

Summary

Binding votes (2)

Uh oh!

git-vote bot commented Dec 24, 2025

Vote status

Summary

Binding votes (2)

Uh oh!

git-vote bot commented Dec 25, 2025

Vote status

Summary

Binding votes (2)

Uh oh!

git-vote bot commented Dec 26, 2025

Vote status

Summary

Binding votes (2)

Uh oh!