Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

Agentic AI identity and guardrails: what Mercari’s approach signals


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 12212
Topic starter  

TL;DR: Mercari says rapid LLM uptake pushed AI security out of functional silos and into a dedicated governance model, with attention on authentication, authorization, auditing, tool control, and least agency as agentic AI expands, according to Opal Security. The real issue is that autonomous behaviour turns identity from a static entitlement problem into a runtime governance problem, where review cycles alone cannot keep pace.

NHIMG editorial — based on content published by Opal Security: Customer Voices on how Mercari’s security team is building guardrails for the AI era

Questions worth separating out

Q: How should security teams govern AI agents that can choose tools at runtime?

A: Security teams should govern runtime authority, not just credential issuance.

Q: Why do AI agents complicate traditional IAM and NHI controls?

A: AI agents complicate IAM and NHI controls because they act in ways that are not fully predictable at provisioning time.

Q: What do organisations get wrong about authorization for agentic AI?

A: They often treat authorization as a binary check at the front door, when agentic AI needs continuous evaluation across the whole action path.

Practitioner guidance

  • Define agent decision boundaries Document which actions an AI system may initiate, which tools it may chain, and where human approval is mandatory before execution continues.
  • Replace shared API keys with identity-bound access Move AI workloads away from long-lived shared secrets and toward centrally managed identity that is tied to workload or service context.
  • Instrument end-to-end audit trails for AI tool use Capture the model request, tool call, data accessed, and approval context so investigators can reconstruct what the agent did after the session ends.

What's in the full article

Opal Security's full article covers the operational detail this post intentionally leaves for the source:

  • How Mercari structured its dedicated AI Security function across platform security, privacy, and governance teams
  • The team’s internal review process for agent-builder, AI automation, and MCP server consultations
  • How Mercari applies centralized gateways to LLM usage and connected tools in practice
  • The specific guardrails the security team is using to make secure AI the easiest path for internal stakeholders

👉 Read Opal Security's customer voice interview on Mercari's AI security guardrails →

Agentic AI identity and guardrails: what Mercari’s approach signals?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 11787
 

Agentic AI identity is no longer a niche control problem, it is an access governance problem. Mercari's description of AI Security, AI Governance, and centralized gateways reflects the reality that once agents can choose tools at runtime, identity controls become part of the execution path rather than a perimeter around it. Authentication, authorization, and auditing must be designed together because the failure mode is not simply unauthorized login, but authorized action taken with the wrong scope. Practitioners should stop treating agent identity as an extension of app security and start treating it as a first-class governance domain.

A few things that frame the scale:

  • Lack of credential rotation is cited as the top cause of NHI-related attacks by 45% of organisations, followed by inadequate monitoring and logging (37%) and over-privileged accounts (37%), according to The State of Non-Human Identity Security.
  • 85% of organisations lack full visibility into third-party vendors connected via OAuth apps, including 38% with no or low visibility and 47% with only partial visibility.

A question worth separating out:

Q: How do teams decide whether AI governance belongs in security, privacy, or platform engineering?

A: The decision should follow the identity behaviour being governed, not the organisational silo. Security owns access boundaries and auditability, privacy owns data use constraints, and platform teams often own the technical control points. The key is shared governance with clear ownership for each layer of the agent lifecycle.

👉 Read our full editorial: Mercari’s AI security model shows why agent identity needs guardrails



   
ReplyQuote
Share: