By NHI Mgmt Group Editorial TeamPublished 2025-10-23Domain: Agentic AI & NHIsSource: Descope

TL;DR: CIAM is widening beyond customer login to cover passwordless access, B2B tenancy, privacy compliance, and AI agent authentication, according to Descope’s comparison of six platforms. The governance problem is no longer just user experience or scale, but whether identity controls can safely span human, machine, and agentic access models.


At a glance

What this is: This is a comparative review of six CIAM platforms, with the key finding that CIAM now has to support customer access, partner tenancy, and AI agent authentication in one governance model.

Why it matters: It matters because IAM teams are being pushed to govern external users and non-human access together, which changes how they evaluate authentication, multi-tenancy, lifecycle control, and policy enforcement.

By the numbers:

👉 Read Descope's comparison of six CIAM platforms for external users and AI agents


Context

Customer identity and access management now sits at the intersection of human access, machine authentication, and delegated trust. The article frames CIAM as a control plane for external users, partners, and AI agents, which means the old separation between workforce IAM and customer identity is starting to break down.

That shift matters because modern CIAM is being judged on more than login quality. Teams now have to weigh passwordless adoption, consent, scalability, B2B tenancy, lifecycle management, and non-human identity support in the same programme, which is exactly where many identity architectures become inconsistent.


Key questions

Q: How should security teams govern CIAM when AI agents need access too?

A: Security teams should treat AI agents as a separate identity class, not as enhanced users. That means explicit scoping, tenant boundaries, session controls, and monitoring for delegated actions. CIAM should issue only the minimum access required for the task, and teams should define who owns lifecycle, review, and offboarding for those agent identities.

Q: Why do external identity platforms create governance risk at scale?

A: External identity platforms create governance risk because they concentrate authentication, consent, tenancy, and privilege decisions in one place. If scope is too broad or tenant boundaries are weak, the same policy mistake can affect many customers or partners at once. Scale turns identity misconfiguration into a blast-radius problem rather than a local access issue.

Q: What do teams get wrong about passwordless and passkeys?

A: Teams often treat passwordless as a complete security answer when it is really a credential-format change. Passkeys reduce phishing and secret theft, but they do not remove the need for assurance policy, step-up controls, or lifecycle governance. Identity teams still have to decide when stronger checks are required and who can use each journey.

Q: What is the difference between CIAM and workforce IAM in practice?

A: CIAM governs external populations such as customers, partners, and contractors, while workforce IAM governs employees and internal users. The difference is not just audience size. CIAM has to balance user experience, privacy, and scale across many less predictable identities, which makes multi-tenancy and delegated access more central to design.


Technical breakdown

CIAM as a control plane for external identity

CIAM is no longer just authentication for customers. In practice, it now orchestrates identity proofing, login, authorisation, consent, session policy, and tenant boundaries for external users and connected systems. That makes CIAM the policy layer where usability and security meet, especially in B2B and B2B2X environments. When AI agents and MCP-connected systems enter the picture, the same control plane has to decide how trust is established, how it is scoped, and how far delegated access can extend without collapsing governance. Practical implication: teams should evaluate CIAM as an identity governance layer, not just a login service.

Practical implication: teams should evaluate CIAM as an identity governance layer, not just a login service.

Passwordless access and step-up authentication

Passwordless and passkey-based access reduce reliance on shared secrets and lower the attack surface associated with phishing and credential theft. But passwordless does not remove policy decisions. Step-up authentication, adaptive MFA, and risk-based controls still matter because identity assurance must change with transaction sensitivity, device trust, and session behaviour. In external identity environments, those decisions must also respect user friction, conversion, and self-service design. Practical implication: security teams should separate credential replacement from assurance design, because passkeys alone do not solve authorisation risk.

Practical implication: security teams should separate credential replacement from assurance design, because passkeys alone do not solve authorisation risk.

Agentic identity support and delegated trust

When CIAM extends to AI agents, the control problem changes from human login to machine-to-machine delegation. That brings scoped tokens, inbound and outbound app boundaries, and protocol support for agent authentication into the same discussion as customer access. The important issue is not whether an agent can authenticate, but whether its privileges, tenancy, and session scope are tightly bounded enough to prevent delegated overreach. Practical implication: identity teams should review whether their CIAM stack can express explicit agent boundaries rather than simply issuing credentials to anything that can connect.

Practical implication: identity teams should review whether their CIAM stack can express explicit agent boundaries rather than simply issuing credentials to anything that can connect.


NHI Mgmt Group analysis

CIAM is becoming the external identity control layer for both people and non-human actors. The article shows why customer identity can no longer be treated as a separate experience problem. Once AI agents, partners, and tenants are part of the same journey design, CIAM becomes an identity governance boundary that has to carry assurance, consent, and delegated trust together. Practitioners should treat platform choice as an architectural decision about scope, not just a product comparison.

AI agent identity turns CIAM into a machine identity problem in disguise. The article’s support for agentic identity and MCP-connected access highlights a structural shift: external identity stacks are now being asked to authenticate actors that do not fit the human login model. That means governance assumptions built around user sessions, interactive challenge flows, and customer behaviour analytics will not transfer cleanly. Practitioners need to rethink where authentication ends and privilege enforcement begins.

Multi-tenant CIAM exposes the identity blast radius problem. Once a platform is handling B2B and B2B2X access, a mis-scoped policy or tenant boundary can propagate across partners faster than a conventional workforce IAM mistake. This is a classic external identity failure mode: the more identities a CIAM layer brokers, the more important it becomes to define blast radius by tenant, application, and actor type. Teams should evaluate how containment works before scale amplifies a mistake.

CIAM evaluation criteria now reveal whether a programme is ready for identity convergence. The article’s emphasis on security, UX, scalability, developer experience, integrations, and pricing reflects the real procurement pressure on identity teams. The deeper signal is that CIAM is no longer being bought only for customer access. It is being selected as an operating layer for external identity across humans and machines, which means governance, architecture, and lifecycle design must be evaluated together.

Access reviews built for human accounts do not map cleanly to agentic and partner identities. External identity programmes increasingly include actors that can be provisioned quickly, used briefly, and embedded across ecosystems. That changes the meaning of certification, offboarding, and entitlement scope. Practitioners should expect CIAM to overlap with IGA and PAM decisions more often, not less.

From our research:

  • 98% of companies plan to deploy even more AI agents within the next 12 months, despite documented rogue behaviour in 80% of current deployments, according to AI Agents: The New Attack Surface report.
  • Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation, according to AI Agents: The New Attack Surface report.
  • For teams extending CIAM into agentic and external identity, start by mapping which access paths create the greatest identity blast radius, then align that work with the Ultimate Guide to NHIs.

What this signals

Identity convergence is now the strategic issue for CIAM teams. As customer journeys begin to absorb agentic access and partner workflows, the old boundary between identity experience and identity governance disappears. Teams should expect procurement to focus less on login mechanics and more on whether the platform can keep tenant isolation, assurance, and lifecycle ownership coherent across actor types.

Identity blast radius is the concept that will matter most as CIAM expands. The practical test is no longer whether a system can authenticate external users. It is whether a policy error can be contained to one tenant, one application, or one delegated actor before it spreads. That is why external identity work now overlaps with NHI governance and should be evaluated alongside the Ultimate Guide to NHIs.

With 52% of companies able to track and audit AI agent data access, the governance gap is already measurable, not theoretical. That figure signals that many identity programmes still lack the visibility needed to certify, investigate, or safely retire non-human access paths as CIAM expands.


For practitioners

  • Map CIAM ownership across actor types Separate human customer journeys, partner access, and AI agent authentication into distinct governance responsibilities so lifecycle, review, and incident handling are not ambiguous.
  • Test tenant boundaries under failure conditions Review whether a mis-scoped policy, connector, or delegated token can spread across customers or partners, then contain that risk at the tenant and application layers.
  • Treat passkeys as one control, not the control Use passwordless methods to reduce secret theft, but keep step-up authentication, session policy, and entitlement review in place for higher-risk actions.
  • Define lifecycle rules for non-human identities Document who provisions, reviews, and offboards AI agent and machine identities, especially where CIAM now issues access to systems rather than just people.

Key takeaways

  • CIAM is no longer just a customer login layer. It is becoming a governance boundary for humans, partners, and AI-driven access paths.
  • The most important design question is not which platform has the most features. It is whether the CIAM stack can keep identity scope, tenant boundaries, and assurance aligned as actor types multiply.
  • Identity teams should plan for convergence between CIAM, NHI governance, and agentic access controls before scale makes policy drift harder to correct.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST CSF 2.0 and NIST AI RMF set the governance and control requirements practitioners need to meet.

FrameworkControl / ReferenceRelevance
OWASP Non-Human Identity Top 10NHI-01CIAM now extends to machine and agent identities that need scoped authentication.
NIST CSF 2.0PR.AC-1External identity and tenancy controls directly affect access enforcement.
NIST AI RMFAgentic identity support introduces governance needs for autonomous or semi-autonomous access.

Review CIAM policy coverage under PR.AC-1 and verify access is constrained by actor and tenant.


Key terms

  • Customer Identity and Access Management: CIAM is the set of controls used to authenticate, authorise, and govern external users such as customers, partners, and contractors. It extends identity practice beyond workforce access, combining security, consent, and user experience for high-scale, externally facing applications.
  • Agentic Identity: Agentic identity is the identity model used for AI systems that can make runtime decisions and take actions on tools or data sources. In governance terms, it requires explicit scoping, monitoring, and lifecycle control because the actor can operate independently of a human session.
  • Delegated Trust: Delegated trust is access granted to one identity so it can act on behalf of another actor, system, or tenant. In CIAM and NHI programmes, the risk is not the credential itself but the breadth of action it can perform once trust is transferred across systems.
  • Identity Blast Radius: Identity blast radius is the amount of damage an access failure can create before it is contained. It is shaped by privilege scope, tenant boundaries, token lifetime, and downstream delegation, and becomes more important as external identity and machine identity converge.

What's in the full article

Descope's full article covers the platform-by-platform implementation detail this post intentionally leaves at the comparison layer:

  • Feature-by-feature notes on login, MFA, SSO, and consent management across all six CIAM options
  • Platform-specific discussion of multi-tenant support, SCIM provisioning, and developer workflow design
  • Practical strengths and tradeoffs for teams building B2C, B2B, or AI-agent-facing identity journeys
  • The implementation context behind Descope's own positioning on inbound, outbound, and MCP-authenticated use cases

👉 Descope's full post adds platform-by-platform capability detail and the design tradeoffs behind each CIAM option.

Deepen your knowledge

NHI governance, agentic AI identity, and machine identity lifecycle are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.
NHIMG Editorial Note
Published by the NHIMG editorial team on 2025-10-23.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org