🔑 schlussel

Session discipline for agentic OAuth clients

Schlussel keeps CLI and agent swarms from invalidating each other’s sessions. Here’s the model it follows and what it guarantees.

Locking strategy

  • Each provider formula defines a lock scope (per client-id + user).
  • Token refresh runs through a single lock; concurrent processes queue instead of racing.
  • Locks are cross-process and cross-shell so CI jobs and local agents coordinate.

Storage

  • OS-native stores by default: Keychain on macOS, Credential Manager on Windows, libsecret on Linux.
  • File and memory stores exist for sandboxes, but are opt-in so we don’t invent another vault.
  • Stored entries carry expiry and scope metadata so refreshers can decide when to rotate.

Flows

  • Device code and authorization code with PKCE ship as first-class flows.
  • Shared formulas encode endpoints, scopes, quirks, and onboarding steps per provider.
  • Dynamic registration is supported for providers like Claude CLI that mint API keys on demand.

Invariants we protect

  • A refresh is either serialized or rejected; never double-fired.
  • Tokens are never printed unless explicitly requested (schlussel token <provider>).
  • Formulas are versioned with the binary to keep clients and CLI in sync.
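
The locking strategy, the expiry/scope metadata under Storage, and the first invariant above in working code, as an added example rather than schlussel's own implementation: a POSIX flock taken per client-id + user, only when the stored entry's expiry or scope says a refresh is due, with the entry re-read under the lock so queued peers reuse the refreshed token instead of refreshing again. The dict store, the refresher callback and simulate_swarm are constructed stand-ins, and flock is assumed as the cross-process primitive.

```python
"""Added example, not schlussel's own code: a refresh lock scoped per (client-id, user).
`store` is a dict standing in for the OS-native keychain; `refresher` does the real network refresh."""
import fcntl, hashlib, os, tempfile, threading, time
from collections import namedtuple
from typing import Callable, Dict, Optional, Tuple

# Stored entries carry expiry (epoch seconds) and scope so refreshers can decide when to rotate.
Token = namedtuple("Token", "access expires_at scope")
SKEW = 30.0  # treat a token as stale this many seconds before its nominal expiry

def is_fresh(tok: Optional[Token], scope: str) -> bool:
    return tok is not None and tok.scope == scope and tok.expires_at - SKEW > time.time()

def lock_path(client_id: str, user: str, lock_dir: str) -> str:
    # One lock file per lock scope; hashed so neither identifier lands on disk in the clear.
    digest = hashlib.sha256(f"{client_id}\0{user}".encode()).hexdigest()[:16]
    return os.path.join(lock_dir, f"refresh-{digest}.lock")

def get_token(store: Dict[Tuple[str, str], Token], refresher: Callable[[str, str, str], Token],
              lock_dir: str, client_id: str, user: str, scope: str) -> Token:
    key = (client_id, user)
    tok = store.get(key)
    if is_fresh(tok, scope):
        return tok  # fast path: a fresh token never takes the lock
    with open(lock_path(client_id, user, lock_dir), "w") as fh:
        fcntl.flock(fh, fcntl.LOCK_EX)  # peers (threads, shells, CI jobs) queue here instead of racing
        try:
            tok = store.get(key)  # re-read under the lock: a peer may have refreshed while we waited
            if is_fresh(tok, scope):
                return tok
            tok = store[key] = refresher(client_id, user, scope)  # only one queued caller reaches this
            return tok
        finally:
            fcntl.flock(fh, fcntl.LOCK_UN)

def simulate_swarm(workers: int = 8) -> Tuple[int, int]:
    """Aim `workers` concurrent callers at one stale token; return (refreshes fired, distinct tokens seen)."""
    calls, seen, lock_dir = [], [], tempfile.mkdtemp()
    store = {("cid", "alice"): Token("stale", time.time() - 1, "read")}
    def refresher(cid: str, user: str, scope: str) -> Token:
        time.sleep(0.05)  # simulated network round-trip so the callers genuinely overlap
        calls.append(cid)
        return Token(f"tok-{len(calls)}", time.time() + 3600, scope)
    def worker() -> None:
        seen.append(get_token(store, refresher, lock_dir, "cid", "alice", "read").access)
    threads = [threading.Thread(target=worker) for _ in range(workers)]
    for t in threads: t.start()
    for t in threads: t.join()
    return len(calls), len(set(seen))  # expected (1, 1): one refresh, everyone sees the same token
```

Because flock is held per open file description, the same code serializes separate processes and shells exactly as it serializes the threads in simulate_swarm.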