Get your free personalized podcast brief
We scan new podcasts and send you the top 5 insights daily.
Current identity standards like OIDC are insufficient for AI agents. The future requires a "three-legged stool" identity combining a service account (the agent's identity), owner role claims, and "on-behalf-of" claims inherited from the user.
Related Insights
Frameworks from firms like KPMG and AWS emphasize that AI agents must be treated as entities with identities and permissions. A strong IAM foundation is a critical control layer to prevent agents from accessing or unintentionally leaking sensitive information, reflecting a broader shift to treat agents like any other privileged user in an IT ecosystem.
Simply giving an agent a user account is dangerous. An agent creator is liable for its actions, and the agent has no right to privacy. This requires a new identity and access management (IAM) paradigm, distinct from human user accounts, to manage liability and oversight.
Current AI tools are in "easy mode" because they operate with the user's direct authentication and permissions. The much harder, yet-to-be-solved problem is "hard mode": autonomous agents that need their own scoped access to enterprise resources without dramatically increasing security risks.
Traditional identity models like SAML and OAuth are insufficient for agents. Agent access must be hyper-ephemeral and contextual, granted dynamically based on a specific task. Instead of static roles, agents need temporary permissions to access specific resources only for the duration of an approved task.
An AI agent cannot simply use a human's credentials. It requires its own identity, permissions, and access controls for security and traceability. This means SaaS companies will likely charge for agent seats, creating a significant new revenue stream.
Managing human identities is already complex, but the rise of AI agents communicating with systems will multiply this challenge exponentially. Organizations must prepare for managing thousands of "machine identities" with granular permissions, making robust identity management a critical prerequisite for the AI era.
Todd McKinnon conceptualizes AI agents not as simple tools but as a fundamentally new identity category. This identity possesses attributes of both a human user (roles, permissions) and a system (automation, being headless). This reframing is central to building the next generation of enterprise security and access management.
Teleport's decision to build a single identity layer for humans, machines, and workloads prepared them for the AI wave. This architecture became critical for containing non-deterministic AI agents, as enforcing security policies requires reasoning about all identity types simultaneously.
The rise of autonomous software agents like Cognition's "Devin" introduces a new, critical security layer: agent identity. Organizations must decide if agents have their own unique identities or inherit them from the deploying user. This is fundamental for creating auditable logs and securing their actions.
Instead of building complex new control layers for AI, the emerging best practice is to treat each agent as a separate entity. This means giving them their own accounts, API keys, and permissions, mirroring how you would onboard a new human employee to manage access and security.