Beyond the Sandbox: Runtime Authorization for OpenClaw Agents with PlainID and Keycloak
OpenClaw gives AI teams a fast path to building and deploying agents, but without runtime authorization and tight guardrails across the entire agentic flow, it can also give those agents a clear pass to an organization’s sensitive data and tools. In this demo, we explore why simply sandboxing AI agents isn’t enough once they need real access. We break down how the PlainID OpenClaw plugin enforces real-time authorization across user identities, agent identities, the context that binds them, and the specific tools they invoke.
Inside the demo, Motti Gabai, PlainID’s Product Manager, walks you through:
- The Extended Runtime Check: How PlainID actively couples the authenticated user (via Keycloak), the specific AI agent, and the target resources in a single authorization workflow.
- Real-world database risk: Watch what happens when a general employee tries to bypass restrictions by asking a general-purpose AI agent to list the tables in a restricted SQL database.
- Stopping rogue tool invocations: See how the PlainID plugin instantly intercepts and blocks unauthorized database operations and MCP tools, because the user lacks the proper permissions.