Describe the Bug:
When deploying an orchestrator agent to Agent Runtime using a traditional Service Account, Agent-to-Agent (A2A) remote communication via AgentRegistry.get_remote_a2a_agent works as expected. However, when switching the orchestrator agent to use Agent Identity, all outbound remote A2A calls fail with a 401 Unauthenticated error. In both scenarios, the underlying IAM permissions configured for the identities are identical.
The mTLS fixes introduced in commit 03671c6 addressed token binding for the internal AgentRegistry endpoints, but this transport mechanism does not appear to carry over when invoking custom remote URLs via the A2A client layer.
Steps to Reproduce:
- Deploy a
google-adk (v2.4.0) orchestrator agent using Agent Identity.
- Deploy a
google-adk (v2.4.0) sub-agent using Agent Identity.
- Attempt to invoke the sub-agent from the orchestrator using
AgentRegistry.get_remote_a2a_agent(AGENT_NAME, httpx_client=httpx_client).
- Observe a consistent
401 Unauthenticated failure.
- Switch the orchestrator agent back to a standard Service Account and observe a successful invocation.
Expected Behavior:
The library should natively handle Agent Identity credentials for outbound A2A communication, or the library should document how to securely bridge the bound mTLS token context to external remote A2A agents without dropping token-sharing prevention (GOOGLE_API_PREVENT_AGENT_TOKEN_SHARING_FOR_GCP_SERVICES described here)
Observed Behavior:
All outbound remote A2A calls fail with a 401 Unauthenticated error.
Error Log:
ERROR:google_adk.google.adk.agents.remote_a2a_agent:A2A request failed: HTTP Error 401: Client error '401 Unauthorized' for url https://<region>-aiplatform.googleapis.com/reasoningEngines/v1/projects/<project>/locations/<region>/reasoningEngines/<id>/api/a2a/app
Environment Details:
- google-adk==2.4.0
- Local OS: Windows
- Deployment Target: Google Agent Runtime
- Python version: 3.13.14
Model Information:
- Are you using LiteLLM: No
- Which model is being used: gemini-2.5-flash
Regression:
- Did this work in a previous version of ADK? No.
- How often has this issue occurred?: Always (100%)
Describe the Bug:
When deploying an orchestrator agent to Agent Runtime using a traditional Service Account, Agent-to-Agent (A2A) remote communication via
AgentRegistry.get_remote_a2a_agentworks as expected. However, when switching the orchestrator agent to use Agent Identity, all outbound remote A2A calls fail with a401 Unauthenticatederror. In both scenarios, the underlying IAM permissions configured for the identities are identical.The mTLS fixes introduced in commit 03671c6 addressed token binding for the internal
AgentRegistryendpoints, but this transport mechanism does not appear to carry over when invoking custom remote URLs via the A2A client layer.Steps to Reproduce:
google-adk(v2.4.0) orchestrator agent using Agent Identity.google-adk(v2.4.0) sub-agent using Agent Identity.AgentRegistry.get_remote_a2a_agent(AGENT_NAME, httpx_client=httpx_client).401 Unauthenticatedfailure.Expected Behavior:
The library should natively handle Agent Identity credentials for outbound A2A communication, or the library should document how to securely bridge the bound mTLS token context to external remote A2A agents without dropping token-sharing prevention (
GOOGLE_API_PREVENT_AGENT_TOKEN_SHARING_FOR_GCP_SERVICESdescribed here)Observed Behavior:
All outbound remote A2A calls fail with a 401 Unauthenticated error.
Error Log:
Environment Details:
Model Information:
Regression: