1. Human-in-the-loop - how to request users to grant additional authorization in an out-of-band manner. 2. Agent credential handling - Define architectures and patterns for agents using credentials at their disposal