Bearer secrets can be replayed once exposed, so possession of the token becomes enough to act. That breaks the assumption that machine access remains tied to the intended holder, which is why sender-constrained proof-of-possession controls matter for service accounts and automated workflows.
Why This Matters for Security Teams
Bearer secrets turn machine access into a possession problem: whoever has the token can act until it expires or is revoked. That is fragile for service accounts, CI/CD runners, and AI-enabled automation because those workloads move faster than human review cycles. Current guidance suggests treating secrets exposure as an operational inevitability, not a rare exception, which is why the OWASP Non-Human Identity Top 10 emphasises stronger identity primitives than static credentials.
The practical failure is not just theft, but replay. Once a bearer token is copied from code, logs, chat, or an agent toolchain, it can often be used elsewhere with no proof that the original workload is still the actor. NHIMG research shows how often this becomes real in production: the Guide to the Secret Sprawl Challenge documents how leaks spread across repositories and collaboration systems, while The State of Secrets Sprawl 2026 reports that 64% of valid secrets leaked in 2022 are still valid and exploitable today.
In practice, many security teams discover the weakness only after an exposed token has already been replayed from a pipeline, browser cache, or ticket attachment.
How It Works in Practice
When machine identities rely on bearer secrets, the security boundary is the secret itself. That means any process, person, or tool that can present the token is treated as trusted, even if the token was copied out of context. For automated systems, that breaks down quickly because credentials tend to appear in build logs, environment variables, shared scripts, and agent outputs. A better pattern is to pair workload identity with proof-of-possession or other sender-constrained mechanisms so the token is useful only when the caller can prove it is the intended runtime.
Operationally, teams should favour short-lived credentials, task-scoped issuance, and automated revocation. That reduces the replay window and limits blast radius if a secret leaks. In higher-assurance environments, policy should be evaluated at request time, not only at provisioning time. This is where intent-aware controls matter: the system should ask what the workload is trying to do, whether that action is expected, and whether the current context justifies access. The Ultimate Guide to NHIs makes the static-versus-dynamic distinction especially clear for teams moving away from long-lived secrets.
- Use workload identity to prove what the workload is, not just what secret it knows.
- Issue ephemeral credentials per job, per session, or per tool invocation where possible.
- Bind access to context such as destination, time, workload attestation, and policy state.
- Revoke on completion and monitor for reuse outside the expected runtime path.
For implementation detail, the OWASP Non-Human Identity Top 10 aligns with the need to reduce standing access, while CI/CD pipeline exploitation case study shows how quickly a single leaked credential can propagate through automated delivery paths. These controls tend to break down when legacy services require shared static keys because one secret then becomes both identity and authorisation for multiple unrelated workflows.
Common Variations and Edge Cases
Tighter credential binding often increases integration overhead, requiring organisations to balance replay resistance against deployment complexity. That tradeoff is especially visible in older systems that cannot easily adopt workload identity, hardware-backed key protection, or per-request token exchange. In those environments, bearer secrets may remain temporarily necessary, but current guidance suggests compensating with aggressive TTLs, network scoping, and automated secret scanning rather than assuming the token is safe because it is “internal.”
Edge cases also appear in human-in-the-loop automation, where a service account may need to initiate actions after a user approves them. The right answer is not a permanent shared secret, but a chain of short-lived, auditable credentials that preserve provenance across the workflow. The 52 NHI Breaches Analysis is useful here because many incidents trace back to overlong credential life, weak rotation, or poor containment after exposure.
There is no universal standard for sender-constrained machine identity yet, so implementation choices vary by platform. The safest pattern is to prefer ephemeral proof-of-possession where supported, and to treat any leftover bearer secret as a temporary exception with a documented expiry plan. Without that discipline, a copied token remains functionally equivalent to a cloned identity.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST CSF 2.0 and NIST AI RMF set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-03 | Bearer secrets need rotation, TTL, and revocation to reduce replay risk. |
| NIST CSF 2.0 | PR.AC-1 | Identity proof and access restrictions are central when tokens can be replayed. |
| NIST AI RMF | Autonomous workflows need governance for context-aware, runtime access decisions. |
Replace long-lived machine secrets with short-lived, rotated credentials and automate revocation.
Related resources from NHI Mgmt Group
- What breaks when machine-to-machine access still relies on shared secrets?
- How do machine identities change the passwordless evaluation?
- How should security teams implement sender-constrained tokens for machine identities?
- How should security teams replace client secrets in machine-to-machine authentication?
