On-Behalf-Of Delegation

On-behalf-of delegation is an OAuth pattern that lets one identity act using authority derived from another identity. In agentic systems, it is the mechanism that preserves accountability across chained actions, but it must be paired with traceability and policy context to remain governable.

Expanded Definition

On-behalf-of delegation is an OAuth pattern in which one identity obtains limited authority to act for another identity, usually by exchanging a user token for a downstream token that carries constrained scopes. In NHI and agentic AI environments, it is used when an AI agent, workflow, or service must complete a task without inheriting unrestricted standing access.

The key distinction is that the acting entity is not becoming the original identity. It is executing with delegated authority, which should remain bounded by purpose, audience, and duration. That makes the pattern different from simple shared credentials, impersonation, or broad service-account reuse. Guidance across vendors is still evolving on how to encode the delegation chain, but the security intent is consistent: preserve attribution while reducing privilege.

For governance context, NHI Management Group recommends pairing delegation with traceable consent, policy enforcement, and short-lived tokens, aligned with NIST Cybersecurity Framework 2.0 principles for access control and accountability. The most common misapplication is treating delegated access as equivalent to the original user’s authority, which occurs when downstream services fail to enforce scope narrowing and context checks.
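The exchange-and-enforce pattern described above, as an added illustration that is not part of the original entry: a token-exchange step that narrows scope, binds audience and caps lifetime while recording the actor in an RFC 8693 style `act` claim, and a downstream check that refuses tokens whose audience, expiry or scope do not fit and walks the `act` chain for the audit log. Tokens are modelled as plain claim dictionaries (no signing), and the analyst, agent and audience names are constructed sample values.

```python
import time
import uuid

# Constructed sample: the analyst's upstream token as a dict of claims.
# Signature verification is out of scope here; only the claim logic is modelled.
USER_TOKEN = {"sub": "analyst@example.com", "aud": "assistant-ui",
              "scope": {"customers:read", "customers:write"}, "exp": time.time() + 3600}
AGENT_ID = "spiffe://example.com/agent/research-assistant"  # hypothetical actor id


def exchange_on_behalf_of(subject_token, actor_id, audience, scopes, ttl=300):
    """Token-exchange step: mint a delegated token bounded by scope, audience, time."""
    now = time.time()
    if subject_token["exp"] <= now:
        raise PermissionError("subject token expired")
    # Scope narrowing: the agent may only receive scopes the user already held.
    if not set(scopes) <= subject_token["scope"]:
        raise PermissionError(f"scope escalation: {set(scopes) - subject_token['scope']}")
    act = {"sub": actor_id}
    if "act" in subject_token:          # re-delegation: nest the earlier actor
        act["act"] = subject_token["act"]
    return {
        "sub": subject_token["sub"],    # attribution stays with the human sponsor
        "act": act,                     # RFC 8693 'act' claim: who is acting
        "aud": audience,                # bound to exactly one downstream service
        "scope": set(scopes),
        "exp": min(now + ttl, subject_token["exp"]),  # never outlives the source
        "jti": str(uuid.uuid4()),
    }


def authorize_downstream(token, expected_aud, required_scope):
    """Resource-server check; returns (allowed, reason or delegation chain)."""
    if token["aud"] != expected_aud:
        return False, "audience mismatch"
    if token["exp"] <= time.time():
        return False, "token expired"
    if required_scope not in token["scope"]:
        return False, f"missing scope {required_scope}"
    actors, act = [], token.get("act")
    while act:                          # nested 'act' claims: outermost = current actor
        actors.append(act["sub"])
        act = act.get("act")
    return True, f"on behalf of {token['sub']} via " + " -> ".join(reversed(actors))
```

The second function is where the misapplication named above is caught: a token minted for one audience, or one carrying a scope the sponsor never had, is rejected rather than treated as the user's own authority.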

Examples and Use Cases

Implementing on-behalf-of delegation rigorously often introduces token-handling complexity, requiring organisations to weigh stronger traceability against added integration and policy maintenance overhead.

  • An AI assistant retrieves customer data from an internal API using a delegated token tied to the requesting analyst, so each read is attributable to a human sponsor.
  • A workflow engine submits a change request to a deployment service on behalf of an approver, but only within the exact approval scope and time window.
  • A support bot calls a ticketing system using on-behalf-of credentials so the action is logged against the service desk agent, not a shared automation account.
  • An enterprise federation layer uses delegation to let a SaaS integration act for a user while avoiding direct exposure of the user’s long-lived credentials.

In practice, this pattern becomes far more defensible when it is paired with lifecycle controls described in Ultimate Guide to NHIs and with standards-based access policy from NIST Cybersecurity Framework 2.0. It is also common in agentic orchestration, where one agent must call another tool or service without collapsing all permissions into a single high-trust identity.

Why It Matters in NHI Security

On-behalf-of delegation matters because it is one of the few ways to preserve both least privilege and accountability when machines act across systems. Without it, organisations often fall back to shared secrets, overbroad service accounts, or direct credential forwarding, all of which make incident response and access review much harder. NHIs already outnumber human identities by 25x to 50x in modern enterprises, and 97% carry excessive privileges, which means delegation flaws can amplify a broader privilege problem rather than solve it.

When delegation is implemented poorly, audit logs lose meaning, revocation becomes inconsistent, and policy decisions cannot be traced to a clear initiator. That creates special risk in agentic AI, where chained actions may look legitimate until a downstream misuse event exposes the missing control point. NHI Management Group notes that only 20% of organisations have formal offboarding and API key revocation processes, which makes delegated access especially fragile when identities change or tasks end. The same risk pattern is reflected in the Ultimate Guide to NHIs, where access sprawl and weak lifecycle discipline are recurring failure modes. Organisations typically encounter the need to govern on-behalf-of delegation only after a token misuse, failed attribution review, or privilege escalation exposes who was really acting for whom.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST Zero Trust (SP 800-207) and NIST CSF 2.0 set the governance and control requirements practitioners need to meet.

| Framework | Control / Reference | Relevance |
| --- | --- | --- |
| OWASP Non-Human Identity Top 10 | NHI-02 | Delegated access must avoid secret sprawl and uncontrolled token reuse. |
| NIST Zero Trust (SP 800-207) | AC-6 | Zero Trust requires least privilege for every access decision, including delegated actions. |
| NIST CSF 2.0 | PR.AC-4 | Access permissions should be managed and reviewed across delegated identities. |

Map delegated entitlements, review them regularly, and revoke them when the initiating context ends.