Tool Auth Without Building It Yourself

AI might take our jobs, but it hasn’t figured out how to pivot a layoff into a learning experience.

Speaking of LinkedIn - if this week's Tool Tuesday helps, feel free to drop it into your next thought spiral. Up to you whether you let AI help write it.

And if there’s a tool, problem, or headache you want us to cover next, hit reply and let us know.

---

Tool Tuesday: Arcade and OpenAI Agent SDK for Production-Ready Tool Calling

One of the core challenges with agent systems today is secure access to tools.

You might ask, “What about all those MCP servers?”

They're on the way, but as of now, MCP auth for tool use isn’t production-ready.

This week’s Tool Tuesday is sponsored by Arcade.dev and explores how to implement secure tool calling today using their platform.

What is Arcade?

Arcade is an agentic AI platform built to help developers create, test, and run AI agents that can safely and effectively use tools.

Here’s what it includes:

• Managed auth for tool use
  Arcade handles authentication and authorization for tool calls, so agents can act on behalf of users without exposing credentials or over-scoping permissions.

• LLM-native tools
  Instead of just wrapping existing APIs, Arcade provides a library of tools designed specifically for LLMs to use effectively - with structured interfaces and predictable behavior. This is part of what they call “Machine Experience Engineering.”

• Toolkit Development Kit (TDK)
  A TDK framework for building your own tools, testing them across models, and defining precise OAuth scopes. It’s designed to follow least-privilege principles, so you’re not over-granting access.

• Agent SDKs
  Available in Python, TypeScript, and Go, so you can plug Arcade’s tool calling into your own orchestration logic or frameworks.

• Framework integrations
  Works with most of the major agentic orchestration frameworks out of the box.

Quick Example (Slack + Google multi-agent system)

Here’s how you can quickly build a multi-agent system with access to secure tools using Arcade and the OpenAI Agents SDK.

First, install the dependencies:

Shell

pip install agents-arcade arcadepy

Get an API Key, and set it to the environment (Or set it directly when initializing the client)

Shell

export ARCADE_API_KEY=YOUR_ARCADE_API_KEY

Import all the dependencies we need, and initialize the Arcade client:

Python

from agents import (Agent, Runner, Tool, RunContextWrapper,
                      TResponseInputItem,)

from functools import partial
from arcadepy import AsyncArcade
from agents.arcade import get_arcade_tools

USER_ID = "user@example.com"
client = AsyncArcade()
    

Let’s define our main function. Use the client to get Google and Slack tools:

Python

async def main():
    google_tools = await get_arcade_tools(client, toolkits=["google"])
    slack_tools = await get_arcade_tools(client, tools=["slack"])
    

Authenticate all tools, Arcade will generate manage all the OAuth flows on our behalf:

Python

# add to main()
for tool in google_tools + slack_tools:
    result = await client.tools.authorize(tool_name=tool.name, user_id=USER_ID)
    if result.status != "completed":
        print(f"Click this link to authorize {tool.name}:\n{result.url}")
    await client.auth.wait_for_completion(result)
    

From this point, all the tools are authenticated and ready for us to use.

Let’s define 3 agents and assign the tools and handoffs. This will be a fully connected triangle with 3 agents, we’ll be using the conversation agent as the root, and delegating to specialized Google or Slack agents:

Python

# add to main()
google_agent = Agent(
    name="Google Agent",
    instructions="You are a helpful assistant that can assist using tools"
                 " to manage a Google account, contacts, and inbox.",
    handoff_description="An agent equipped with Google tools",
    model="gpt-4o",
    tools=google_tools,
)

slack_agent = Agent(
    name="Slack agent",
    instructions="You are a helpful assistant that can assist using tools"
                 " to interact with Slack."
                 " You have tools to manage channels and send DMs.",
    handoff_description="An agent equipped with Slack tools",
    model="gpt-4o",
    tools=slack_tools,
)

conversation_agent = Agent(
    name="Conversation Agent",
    instructions="You are a helpful assistant that can help with everyday"
                 " tasks. You can handoff to another agent with access to"
                 " Gmail tools if needed. You can also handoff to an agent"
                 " with Slack tools if needed. Handoff to the appropriate"
                 " agent based on the services required.",
    model="gpt-4o",
    handoffs=[google_agent, slack_agent],
)

google_agent.handoffs.extend([conversation_agent, slack_agent])
slack_agent.handoffs.extend([conversation_agent, google_agent])
    

Now we only need to start the conversation loop!

Python

# add to main()
history: list[TResponseInputItem] = []

while True:
    prompt = input("You: ")
    if prompt.lower() == "exit":
        break
    history.append({"role": "user", "content": prompt})
    result = await Runner.run(
        starting_agent=conversation_agent,
        input=history,
        context=context
    )
    history = result.to_input_list()
    print(result.final_output)
    

Let’s call the agent:

Python

if __name__ == "__main__":
    import asyncio

    asyncio.run(main())
    

Now ask it do to things like:

• Summarize my latest 10 emails, and send the summary to me as a DM on Slack

• Read the latest messages on the #general, #random, and #todo channels in Slack and send a summary to my email

• Add a meeting with Alex to my calendar for tomorrow at 2pm, send Alex a DM in Slack with the link to the meeting

Wait, wasn’t MCP the future of tool calling?

The demo above doesn’t show it, but Arcade is MCP compatible and will continue to support it. They’re actively contributing to the security components of the MCP spec.

MCP defines the protocol layer - Arcade sits above that as a platform:

Final Verdict: Ready for Prod

️Rating: ️️️️️ (5/5)

Arcade is one of the most active startups focused on tool calling infrastructure.

You should consider using Arcade if…

• You’re building production-grade agents that need secure tool calling today.

• Your workflows require agents to act on behalf of users, not just bots.

• You want a tool calling stack that’s protocol-agnostic.

• You’re building tools and need agentic evals to test them across multiple models.

You might want to wait if…

• Your agents don’t require tool calling.

• Your current solution (e.g., Local MCP, OpenAI Function Calling) already fits your needs.

Explore Arcade:

• Arcade Repo on GitHub

• Official Docs

• Arcade’s perspective on MCP

Final Thought:

Arcade is addressing one of the key blockers to deploying robust agent systems, while maintaining a strong focus on developer experience. Their commitment to supporting MCP and other protocols makes them worth watching.

Curious how others are approaching agent infra?

Join the discussion in the MLOps Community Slack.