TL;DR: Identity teams now have to govern client-side access patterns and session-bound authorization, not just server-rendered admin workflows as WorkOS is exposing a session-aware GraphQL API for browser-side user management, invitations, roles, sessions, passkeys, and MFA so teams can build custom admin surfaces without backend proxying, with future coverage planned for SSO, directory sync, audit logs, and RBAC.
At a glance
What this is: This is a session-aware browser GraphQL API for building custom user management and admin UIs directly on the frontend, with a key finding that the bottleneck has moved from building UI to making APIs agent-friendly and schema-complete.
Why it matters: It matters because IAM, IGA, and application security teams must now govern browser-exposed identity operations, session-aware authorization, and the lifecycle of user management controls across custom interfaces.
👉 Read WorkOS's session-aware GraphQL API details for custom user management
Context
Custom identity administration is shifting from backend-mediated pages to browser-accessible APIs that let frontend code compose user management, invitations, roles, and session controls directly. That changes the governance boundary, because the identity surface is no longer only what the server renders; it is also what the browser can query and mutate through a session-aware token.
For identity teams, the practical question is not whether a custom UI can be built faster, but how much trust can safely be pushed into a client-side experience that still performs privileged identity operations. This is a user management and session governance problem as much as it is a developer-experience problem, and it fits the broader NHI lifecycle pattern even when the actor remains human-driven.
Key questions
Q: How should teams govern identity actions exposed through browser-based APIs?
A: Teams should treat browser-exposed identity actions as governed workflows, not simple UI calls. Separate read-only queries from mutating operations, enforce short-lived session tokens, and bind those tokens to origin and purpose. The goal is to prevent the browser from becoming an open-ended control plane for membership, authentication, or recovery actions.
Q: Why do session-aware client APIs change IAM risk models?
A: They move part of the identity control experience into the browser while preserving session context, which means the frontend becomes part of the trust boundary. That increases the importance of token scope, origin restrictions, and mutation review because privileged identity operations can now be composed in client-side code.
Q: What do security teams get wrong about custom user management UIs?
A: They often focus on UX and overlook the governance implications of exposing lifecycle actions such as invitations, role changes, and MFA management. A custom UI can be safe, but only if the underlying operations are mapped to ownership, evidence, and approval boundaries instead of being treated as ordinary frontend features.
Q: What frameworks should apply to browser-exposed identity workflows?
A: NIST CSF 2.0 and NIST SP 800-53 Rev 5 are the most useful anchors when browser-accessible identity operations affect access control, authentication, and auditability. Teams should map the exposed mutations to control families for access, identification, and logging rather than treating them as purely application-layer concerns.
How it works in practice
Session-aware browser GraphQL and the identity trust boundary
A session-aware GraphQL API moves selected identity operations from server-rendered workflows into direct browser calls, using a short-lived token minted server-side and constrained by origin allowlists. GraphQL matters here because it exposes a typed schema, so clients can discover fields and compose precise queries without chaining multiple endpoints. That reduces round trips and makes custom admin UIs easier to assemble, but it also shifts part of the trust boundary into the frontend. The browser is no longer just a presentation layer; it becomes an execution surface for identity operations that still depend on session context and authorization state.
Practical implication: treat the browser as an identity workflow surface and review which mutations can be safely exposed client-side.
Why introspectable schemas matter for agent-assisted UI generation
The article’s core architectural claim is that coding agents can work more reliably when APIs are self-describing, because they can inspect the schema and produce correct queries with less documentation dependency. In practice, that is less about autonomy and more about API completeness and machine-readability. An introspectable GraphQL schema reduces ambiguity, but it also raises the quality bar for least-privilege design because agents and developers can discover more of the available surface area faster. For identity products, this is a schema-governance issue: a powerful schema needs careful field-level exposure, especially where roles, sessions, MFA, and invitations are involved.
Practical implication: review schema exposure as part of access design, not as a purely developer convenience choice.
Session, MFA, and membership operations as lifecycle controls
The launched surface includes user lifecycle operations such as inviting users, changing email, revoking sessions, removing members, and managing MFA factors. Those are not just product features. They are governance controls that influence joiner, mover, and leaver outcomes, authentication assurance, and account recovery risk. When these actions are callable through a client-side API, the operational model must assume that the identity lifecycle is being orchestrated through a richer UI layer rather than a traditional admin console. That makes transaction integrity, origin checks, and action scoping more important, because the control plane is being exposed in a form that is easier to compose but also easier to misuse if boundaries are loose.
Practical implication: map each browser-exposed mutation to a lifecycle control owner and approval boundary before rollout.
NHI Mgmt Group analysis
Custom identity admin is becoming a client-side governance problem: once user management, invitations, roles, and session controls are exposed to the browser through a session-aware API, the security model has to govern where identity decisions are made, not just who is allowed to make them. That means the boundary between application UI and identity control plane becomes a policy boundary, not merely a design choice. Practitioners should treat frontend-exposed identity operations as governed workflow surfaces, not convenience endpoints.
Schema completeness is now an access design issue, not just a developer experience issue: when developers and coding agents can inspect a GraphQL schema and assemble working queries quickly, the operational risk shifts to unintended discoverability and over-broad field exposure. A schema that is too permissive becomes self-documenting privilege. The implication is that identity platforms need explicit field scoping, mutation scoping, and review of what browser clients can see before teams assume the UI layer is harmless.
Session-aware client access exposes the lifecycle gap between human workflow and machine-enforced control: the access model still relies on a short-lived token minted server-side, but the downstream actions now happen in a browser context that can be scripted, reused, or embedded into custom admin surfaces. That is a lifecycle governance problem because invitations, role changes, MFA enrollment, and session revocation are all part of joiner, mover, and leaver handling. Practitioners should rethink how approval, traceability, and revocation are enforced when lifecycle operations are exposed through the frontend.
Browser-exposed identity controls will force IAM and application teams to share responsibility more tightly: the more identity operations move into custom UI layers, the less defensible it becomes to separate application design from identity governance. Workflows that used to be backend-only now inherit the application’s origin policy, session handling, and client-side abuse surface. The practical conclusion is that IAM architecture reviews must include frontend assumptions, because the control plane is increasingly being composed where users actually interact with it.
From our research:
- 1 in 4 organisations are already investing in dedicated NHI security capabilities, with an additional 60% planning to do so within the next twelve months, according to The State of Non-Human Identity Security.
- From our research: Only 1.5 out of 10 organisations are highly confident in their ability to secure NHIs, compared to nearly 1 in 4 for securing human identities, according to The State of Non-Human Identity Security.
- Teams that are moving identity workflows into browser-exposed APIs should pair that shift with the NHI Lifecycle Management Guide so lifecycle controls do not disappear into the frontend.
What this signals
Session-bound identity operations need lifecycle discipline at the UI layer: once invites, role updates, and session revocation can be composed in a custom frontend, governance has to follow the action path rather than the deployment architecture. That is especially true where the same interface can be used for both standard administration and higher-risk recovery flows. Teams should align browser-exposed mutations with the same lifecycle ownership they already use for back-end identity changes.
Only 1.5 out of 10 organisations are highly confident in their ability to secure NHIs, compared to nearly 1 in 4 for securing human identities, according to The State of Non-Human Identity Security: that confidence gap is a warning sign for any programme extending identity operations into new execution surfaces. The lesson is not that custom APIs are unsafe by default, but that identity teams need stronger governance assumptions than traditional admin UI design usually provides.
The likely next stage is tighter convergence between application engineering and identity governance, because the browser is becoming part of the control plane. Teams that still separate frontend delivery from identity assurance will struggle to explain who owns token scope, mutation boundaries, and lifecycle evidence when something goes wrong.
For practitioners
- Classify browser-exposed identity mutations by privilege tier Separate read-only identity queries from mutating operations such as role changes, MFA enrollment, session revocation, and member removal. Apply explicit review and approval boundaries to the operations that can change user state or authentication assurance.
- Review origin allowlists and token TTL together Test whether short-lived, origin-pinned tokens are actually constrained enough for the browser workflows you intend to expose. The allowlist should be treated as a control boundary, not a deployment detail, and token lifetime should match the sensitivity of the operations being exposed.
- Map UI actions to joiner-mover-leaver controls Trace every invite, membership change, MFA enrollment, and session revocation action back to the lifecycle process it implements. If an action bypasses the normal lifecycle owner or evidence trail, it should not be exposed through a custom admin surface.
- Limit schema visibility to the minimum viable client surface Expose only the fields and mutations required for the specific frontend workflow. Keep higher-risk operations and sensitive metadata out of broad browser-accessible surfaces unless there is a documented need and a compensating control.
Key takeaways
- Session-aware GraphQL changes identity administration by moving governed actions into the browser, where token scope and origin controls matter more.
- The main security issue is not the UI itself, but the exposure of lifecycle mutations, schema visibility, and client-side trust boundaries.
- Identity teams should map browser-exposed actions to lifecycle ownership, approval boundaries, and minimum necessary schema exposure before rollout.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
NIST CSF 2.0, NIST SP 800-53 Rev 5 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| NIST CSF 2.0 | PR.AC-4 | Browser-exposed identity operations need least-privilege access governance. |
| NIST SP 800-53 Rev 5 | AC-6 | Least privilege is central when UI clients can trigger privileged identity mutations. |
| NIST Zero Trust (SP 800-207) | Origin-pinned, session-aware access aligns with zero-trust access decisions. |
Treat each browser identity call as a verified session event and enforce continuous access validation.
Key terms
- Session-aware API: An API that makes authorization decisions using live session context rather than treating every call as a generic backend request. In identity systems, this means the client can act directly on user and membership data, but only within tightly scoped, time-bound, and origin-constrained boundaries.
- Origin-pinned token: A short-lived credential bound to the browser origin that is allowed to use it. This reduces token reuse outside the intended frontend context, but it also means origin policy becomes part of identity security and must be governed as carefully as any other access control.
- Identity control plane: The set of workflows and permissions that change identity state, such as invitations, role updates, MFA enrollment, and session revocation. When these operations are exposed through custom UIs, the control plane is no longer only a backend concern; it becomes a governed application surface.
- Lifecycle mutation: Any operation that changes an identity’s status, access, or authentication posture across joiner, mover, and leaver processes. In practice, this includes onboarding, role change, factor enrollment, member removal, and session termination, all of which need evidence and ownership.
What's in the full announcement
WorkOS's full article covers the operational detail this post intentionally leaves for the source:
- The exact browser token minting flow and origin-pin mechanics for session-aware API calls.
- The full query and mutation surface for user management, memberships, invitations, MFA, and session controls.
- The rollout plan for SSO, Directory Sync, audit logs, RBAC, feature flags, Pipes, API keys, and Vault.
- The access path for closed early access teams that want to test custom admin surfaces before general release.
Deepen your knowledge
NHI governance, agentic AI identity, and machine identity security are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are building or maturing an IAM programme, it is worth exploring.
Published by the NHIMG editorial team on 2026-07-03.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org