By NHI Mgmt Group Editorial Team | Published 2026-02-10 | Domain: Governance & Risk | Source: SafePaaS

TL;DR: Zero Trust architectures fail when identities are over-privileged and under-governed, and SafePaaS argues that Identity Governance and Administration must now control humans, NHIs, and AI agents across approvals, certifications, and deprovisioning. Access review processes assume privileges persist long enough to be reviewed; autonomous and non-human identities can outpace that model unless governance becomes the policy source of truth.


At a glance

What this is: This analysis argues that Zero Trust only works when IGA governs humans, non-human identities, and AI agents as first-class identities.

Why it matters: It matters because IAM, PAM, and IGA teams cannot prove least privilege or auditability if service accounts, bots, and agent identities sit outside the governance model.

👉 Read SafePaaS's analysis of why IGA is the control plane for Zero Trust


Context

Zero Trust is an identity problem before it is a network problem. If roles are stale, exceptions are opaque, and service accounts or AI agents carry broad standing access, policy engines end up verifying the wrong entitlements rather than enforcing the right ones.

This article focuses on how Identity Governance and Administration becomes the control layer that makes Zero Trust defensible across human users, non-human identities, and AI agents. The central issue is not whether access is authenticated, but whether the underlying identity, scope, and approval model are actually governed.

For practitioners, the practical gap is familiar: access decisions look continuous on paper, but the entitlement data behind them is often incomplete. That gap becomes more visible as workload identities, bots, and agentic systems accumulate access faster than review cycles can correct it.


Key questions

Q: What breaks when Zero Trust is implemented without identity governance?

A: Zero Trust breaks when the policy engine is enforcing stale or incomplete identity data. If access approvals, ownership, and revocation are not governed, the organisation keeps validating entitlements that no longer match business intent. The result is technically strong enforcement built on weak identity records, which still leaves over-privileged accounts and hidden exceptions in place.

Q: Why do non-human identities create more governance risk than teams expect?

A: Non-human identities create governance risk because they are often provisioned for convenience, then left with broad access, unclear ownership, and weak review coverage. Service accounts, bots, and AI agents can accumulate privileges faster than human workflows can correct them. That makes lifecycle management, certification, and revocation essential if Zero Trust is meant to be credible.

Q: How should organisations review AI agent access as part of IGA?

A: Organisations should review AI agent access the same way they review any governed identity, but with tighter scope and clearer ownership. Each agent should have a named sponsor, a defined purpose, and a task-specific entitlement set. Reviews should confirm whether the agent still needs access, whether SoD conflicts exist, and whether the credentials can be revoked cleanly if the agent is retired.

Q: Who is accountable when a non-human identity causes an access failure?

A: Accountability sits with the business owner, the identity governance process, and the system team that allowed the entitlement to persist. A non-human identity does not remove responsibility. If an access failure occurs, organisations need traceable approval, clear ownership, and a revocation path so the failure can be explained and corrected without ambiguity.


Technical breakdown

Why zero trust depends on identity governance data

Zero Trust architectures shift enforcement toward continuous evaluation of identity, device, context, and policy at decision points. That model only works when the identity data is accurate enough to represent real entitlements, ownership, and approval state. Identity Governance and Administration supplies that source of truth by tracking role assignment, exceptions, access reviews, and revocation events. Without it, policy engines rely on stale groups, orphaned entitlements, and undocumented exceptions that are technically enforced but operationally wrong.

Practical implication: connect Zero Trust policy decisions to governed identity records rather than static groups or manually maintained rules.
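The contrast between deciding on static group membership and deciding on governed identity records can be made concrete. The following is an added example, not SafePaaS or NHIMG code: a minimal policy decision point that answers an access request from a governed register (owner, approval record, last certification, revocation state) and, beside it, the group-membership check a Zero Trust policy often keys on today. The field names, the 90-day certification window, the use of the article's publication date as the evaluation date, and the sample register are assumptions for illustration.

```python
"""Added example (not SafePaaS or NHIMG code): a policy decision point that
consults governed identity records instead of static group membership.
Field names, the 90-day certification window and the sample register are
assumptions for illustration."""
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

CERT_MAX_AGE = timedelta(days=90)   # assumed review cadence; older is stale
TODAY = date(2026, 2, 10)           # assumed evaluation date (article date)


@dataclass
class Identity:
    name: str
    kind: str                      # "human" | "service" | "agent"
    owner: Optional[str]           # accountable business sponsor, None if orphaned
    status: str = "active"         # "active" | "retired"


@dataclass
class Entitlement:
    identity: str
    resource: str
    action: str
    approved_by: Optional[str]     # None means no traceable approval record
    certified_on: Optional[date]   # date of last access review, None if never
    revoked: bool = False


# Static directory group: the data many policy engines key on today.
STATIC_GROUPS = {
    "erp-admins": {"alice", "svc-erp-batch", "agent-invoice-bot"},
}

# Governed register (constructed sample data, not from the article).
REGISTER = {
    "alice": Identity("alice", "human", owner="alice"),
    "svc-erp-batch": Identity("svc-erp-batch", "service", owner=None),
    "agent-invoice-bot": Identity("agent-invoice-bot", "agent", owner="finance-ops"),
}
ENTITLEMENTS = [
    Entitlement("alice", "erp", "payment.release", "cfo", date(2026, 1, 15)),
    Entitlement("svc-erp-batch", "erp", "payment.release", "cfo", date(2025, 6, 1)),
    Entitlement("agent-invoice-bot", "erp", "payment.release", None, date(2026, 1, 20)),
]


def group_decision(identity: str, group: str) -> str:
    """The static model: membership alone permits."""
    return "permit" if identity in STATIC_GROUPS.get(group, set()) else "deny"


def governed_decision(identity: str, resource: str, action: str,
                      today: date = TODAY) -> tuple:
    """The governed model: every deny names the governance gap it found."""
    ident = REGISTER.get(identity)
    if ident is None:
        return ("deny", "identity not in governed register")
    if ident.status != "active":
        return ("deny", "identity retired")
    if ident.owner is None:
        return ("deny", "no accountable owner")
    for e in ENTITLEMENTS:
        if (e.identity, e.resource, e.action) != (identity, resource, action):
            continue
        if e.revoked:
            return ("deny", "entitlement revoked")
        if e.approved_by is None:
            return ("deny", "no traceable approval")
        if e.certified_on is None or today - e.certified_on > CERT_MAX_AGE:
            return ("deny", "certification stale or missing")
        return ("permit", "current governed entitlement")
    return ("deny", "no governed entitlement for this resource/action")


def compare(today: date = TODAY) -> dict:
    """Side by side: what the group says versus what governance says."""
    out = {}
    for name in sorted(STATIC_GROUPS["erp-admins"]):
        out[name] = (group_decision(name, "erp-admins"),
                     governed_decision(name, "erp", "payment.release", today))
    return out


if __name__ == "__main__":
    for name, (static, governed) in compare().items():
        print(f"{name:18} group={static:6} governed={governed}")
```

Run as written, the group check permits all three members, while the governed check permits only alice: the service account has no owner and the agent's entitlement has no approval record. The point is not the specific rules but that each deny is traceable to a governance record a reviewer can fix, which a group membership never gives you.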

How non-human identities become hidden trust anchors

Non-human identities include service accounts, bots, workloads, tokens, and AI agents. They often accumulate access through technical convenience, not governance intent, which makes them easy to overlook in reviews and audits. When these identities are shared, long-lived, or poorly attributed, they become hidden trust anchors inside a Zero Trust architecture. The problem is structural: enforcement may be strict at the perimeter, yet the identity behind the action remains broad, opaque, and hard to retire.

Practical implication: inventory non-human identities separately and attach business ownership, purpose, and lifecycle rules to each one.

What changes when AI agents are treated as governed identities

AI agents differ from ordinary automation because they can act with more independence, especially when connected to CRM, ERP, ITSM, or collaboration tools. If they inherit broad service-account access, the organisation loses attribution, scope control, and clean offboarding paths. Treating agents as governed identities means defining purpose, limiting entitlements, applying segregation of duties, and certifying access in the same governance program used for people and other non-human identities. The architectural shift is from tool access to identity accountability.

Practical implication: bring AI agents into the same identity lifecycle and review process used for human users and machine identities.


Threat narrative

Attacker objective: The objective is to abuse trusted identities to make unauthorised changes while staying inside systems that appear compliant on the surface.

  1. Entry begins when a human, bot, or AI agent receives broad standing access through a temporary role, service account, or inherited entitlement that was never tightly governed.
  2. Escalation occurs when that identity retains privileges across systems, allowing unauthorised changes, data updates, or administrative actions without effective review.
  3. Impact follows when the organisation cannot quickly explain who approved the access, what the identity changed, or whether the entitlement should have existed at all.

Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.


NHI Mgmt Group analysis

Zero Trust without IGA is policy theatre. The architecture may verify identities continuously, but if those identities are stale, over-privileged, or poorly owned, the enforcement layer is only checking bad data. The practical consequence is that boards and auditors see a mature control model while the organisation keeps verifying entitlements it should never have granted.

Non-human identities are now the main place where governance debt accumulates. Service accounts, bots, and AI agents expand faster than human accounts, yet they are still often created as technical shortcuts rather than governed identities. That creates a control gap across lifecycle, review, and revocation, and the practitioner conclusion is that NHI governance must be treated as a core IGA discipline, not a side process.

AI agents expose the limit of static entitlement thinking. The assumption that access can be defined once and reviewed later was designed for identities with stable intent and predictable use. That assumption fails when an AI agent can execute, extend, and repeat actions across tools faster than any scheduled review, with little human control over timing. The implication is that entitlement governance cannot assume a stable window in which access is granted, used, and then reviewed.

Identity Governance and Administration is becoming the control plane for Zero Trust. When policy engines consume governed identity, role, and review data, they can make decisions that align with business intent instead of technical convenience. The field implication is that Zero Trust programmes will increasingly be judged by the quality of their identity governance inputs, not by the sophistication of their enforcement stack.

From our research:

  • 1 in 4 organisations are already investing in dedicated NHI security capabilities, with an additional 60% planning to do so within the next twelve months, according to The State of Non-Human Identity Security.
  • Only about 15% of organisations (1.5 in 10) are highly confident in their ability to secure NHIs, compared to nearly 1 in 4 for securing human identities.
  • For a broader control view, see Ultimate Guide to NHIs for lifecycle, visibility, rotation, and offboarding patterns.

What this signals

NHI governance debt will increasingly decide whether Zero Trust is credible. As AI agents and machine identities proliferate, security teams will be judged less on policy intent and more on whether governed identity data is current enough to drive enforcement. The organisations that can connect IGA, lifecycle controls, and policy engines will have a defensible operating model, while everyone else will keep explaining why compliant controls did not prevent bad access.

Identity ownership must become visible across the machine estate. Service accounts and AI agents cannot remain informal technical artefacts if boards are expected to trust Zero Trust outcomes. The programme signal to watch is whether every non-human identity has a sponsor, a review path, and a removal trigger that works when a role changes or a system is retired.


For practitioners

  • Inventory governed identities, not just accounts: Build a single register of human users, service accounts, bots, workloads, and AI agents, then assign a business owner, purpose, and lifecycle state to each one.
  • Tie Zero Trust decisions to governed entitlement data: Feed policy engines with current role, approval, and certification status from IGA so enforcement reflects real ownership instead of stale group membership.
  • Bring non-human identities into access reviews: Include service accounts and AI agents in scheduled certifications, and require reviewers to confirm both necessity and scope before access is renewed.
  • Apply segregation of duties to machines and agents: Map toxic combinations such as create, approve, and pay or update and release into SoD rules that apply to non-human identities as well as humans.
  • Automate revocation at offboarding and role change: Remove entitlements when a sponsor leaves, a role changes, or an agent is retired, and verify that credentials, keys, and tokens are actually disabled.
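The SoD and revocation steps above, and the agent review questions in the Key questions section (does the agent still need access, does an SoD conflict exist, can its credentials be revoked cleanly), share one mechanic: a register that knows what each identity can effectively do and who sponsors it. The following added example, not SafePaaS or NHIMG code, evaluates the article's toxic combinations (create/approve/pay, update/release) across humans, service accounts, and agents, counts the entitlements an agent inherits by running as a service account, then cascades revocation when a sponsor leaves or an agent is retired and verifies the access is actually gone. Entitlement codes, the Register layout, the "runs_as" field, and the sample identities are assumptions for illustration.

```python
"""Added example (not SafePaaS or NHIMG code): SoD checks covering service
accounts and AI agents, including inherited access, plus cascading revocation
at sponsor offboarding or agent retirement. Codes and data are assumed."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

# Toxic combinations from the article's examples: create/approve/pay and
# update/release. An identity holding every code in a set is in conflict.
TOXIC_COMBINATIONS = [
    frozenset({"po.create", "po.approve", "payment.release"}),
    frozenset({"config.update", "config.release"}),
]


@dataclass
class Identity:
    name: str
    kind: str                                   # "human" | "service" | "agent"
    sponsor: Optional[str]                      # accountable business owner
    entitlements: Set[str] = field(default_factory=set)
    runs_as: Optional[str] = None               # identity an agent/bot executes under
    credentials: Set[str] = field(default_factory=set)  # active key/token ids
    status: str = "active"                      # "active" | "suspended"


@dataclass
class Register:
    identities: Dict[str, Identity]
    disabled_credentials: Set[str] = field(default_factory=set)


def build_register() -> Register:
    """Constructed sample data; fresh on every call so checks are repeatable."""
    ids = [
        Identity("bob", "human", "hr", {"po.create"}),
        Identity("svc-erp-batch", "service", "carol",
                 {"po.approve", "payment.release"}, credentials={"key-erp-01"}),
        # The agent itself holds only po.create, but it runs as the batch
        # account, so its effective access completes the toxic triple.
        Identity("agent-procure", "agent", "carol", {"po.create"},
                 runs_as="svc-erp-batch", credentials={"tok-agent-7"}),
        Identity("agent-deploy", "agent", "dave",
                 {"config.update", "config.release"}, credentials={"tok-deploy-1"}),
    ]
    return Register({i.name: i for i in ids})


def effective_entitlements(reg: Register, name: str, seen=None) -> Set[str]:
    """Own entitlements plus everything inherited through the runs_as chain."""
    seen = seen if seen is not None else set()
    ident = reg.identities.get(name)
    if ident is None or name in seen or ident.status != "active":
        return set()
    seen.add(name)
    eff = set(ident.entitlements)
    if ident.runs_as:
        eff |= effective_entitlements(reg, ident.runs_as, seen)
    return eff


def sod_conflicts(reg: Register) -> List[Tuple[str, frozenset]]:
    """Every (identity, toxic set) pair, humans and machines alike."""
    hits = []
    for name in sorted(reg.identities):
        eff = effective_entitlements(reg, name)
        hits += [(name, combo) for combo in TOXIC_COMBINATIONS if combo <= eff]
    return hits


def revoke(reg: Register, name: str, reason: str) -> List[str]:
    """Strip entitlements, disable credentials, suspend; return the audit trail."""
    ident = reg.identities[name]
    trail = [f"{name}: removed {code} ({reason})" for code in sorted(ident.entitlements)]
    ident.entitlements.clear()
    for cred in sorted(ident.credentials):
        reg.disabled_credentials.add(cred)       # stand-in for the real revoke call
        trail.append(f"{name}: disabled credential {cred}")
    ident.credentials.clear()
    ident.status = "suspended"
    return trail


def offboard_sponsor(reg: Register, sponsor: str) -> List[str]:
    """Sponsor leaves: every identity they own is revoked rather than orphaned.
    Whether a reassignment grace window precedes revocation is a policy choice."""
    trail = []
    for name in sorted(reg.identities):
        ident = reg.identities[name]
        if ident.sponsor == sponsor and ident.status == "active":
            trail += revoke(reg, name, f"sponsor {sponsor} offboarded")
    return trail


def verify_revoked(reg: Register, name: str) -> bool:
    """The check the article asks for: confirm access is actually gone."""
    ident = reg.identities[name]
    return (ident.status != "active" and not ident.entitlements
            and not ident.credentials and not effective_entitlements(reg, name))


if __name__ == "__main__":
    reg = build_register()
    print("SoD conflicts before:", [(n, sorted(c)) for n, c in sod_conflicts(reg)])
    for line in offboard_sponsor(reg, "carol"):
        print(line)
    print("SoD conflicts after:", [(n, sorted(c)) for n, c in sod_conflicts(reg)])
```

Two design choices matter here. First, SoD is evaluated on effective entitlements, so the agent that looks harmless on its own record is flagged because of the service account it runs under; a review that only inspects the agent's own assignments would miss it. Second, revocation returns an audit trail and is paired with a verification step, which is what lets an organisation answer "who approved it, what was removed, and is it really gone" after the fact.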

Key takeaways

  • Zero Trust collapses into a verification exercise if the underlying identities are not governed.
  • Non-human identities and AI agents are where entitlement sprawl now grows fastest, making lifecycle control the practical control point.
  • Practitioners should treat IGA as the control plane for Zero Trust and prove that every identity has an owner, scope, and revocation path.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.

Framework | Control / Reference | Relevance
NIST CSF 2.0 | PR.AA-01 and PR.AA-05 (the Identity Management, Authentication and Access Control category; PR.AC-1 was the CSF 1.1 identifier) | Identity and credential lifecycle management, and access entitlements that are defined in policy, reviewed, and built on least privilege and separation of duties, underpin access control decisions in Zero Trust.
NIST Zero Trust (SP 800-207) | Sec. 2.1 (tenets), Sec. 3 (policy engine and the identity data it consumes) | Zero Trust requires continuous verification against trustworthy identity data.
OWASP Non-Human Identity Top 10 | NHI1:2025 Improper Offboarding (see also NHI5:2025 Overprivileged NHI) | Non-human identities need discovery, ownership, lifecycle governance, and a working revocation path.

Tie access decisions to governed identity records and revoke entitlements when state changes.


Key terms

  • Identity Governance And Administration: Identity Governance and Administration is the set of processes that define, approve, review, and retire access across an organisation. It turns access into something auditable and policy-based, so permissions match role, purpose, and risk instead of remaining ad hoc or inherited.
  • Non-Human Identity: A non-human identity is any machine or software identity that accesses systems or data on behalf of a process, workload, or service. That includes service accounts, bots, tokens, certificates, and AI agents, all of which need ownership, scope, and lifecycle control.
  • Segregation Of Duties: Segregation of duties is a control that prevents one identity from holding combinations of access that would let it complete a risky transaction alone. In identity governance, it applies to people and non-human identities alike, especially where automation can chain actions too quickly for manual detection.

Deepen your knowledge

NHI governance, agentic AI identity, and machine identity security are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or lifecycle governance, it is worth exploring.

This post draws on content published by SafePaaS: IGA is now the control plane for zero trust identity governance. Read the original.

NHIMG Editorial Note
Published by the NHIMG editorial team on 2026-02-10.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org