TL;DR: According to Strata Identity, agentic AI exposes nine identity gaps across authentication, delegation, intent capture, authorization, human approval, and observability, while Gartner expects 30% of enterprises to rely on agents with minimal human input by 2026. The governance problem is no longer theoretical: access review, least privilege, and audit models built for static identities break when agents act at machine speed.
NHIMG editorial — based on content published by Strata Identity: agentic identity gaps in legacy IAM
By the numbers:
- By 2026, Gartner predicts 30% of enterprises will rely on AI agents that operate with minimal human input.
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems, inappropriately sharing sensitive data, and revealing access credentials.
- 96% of technology professionals identify AI agents as a growing security threat, and 66% believe this risk is immediate.
Questions worth separating out
Q: How should security teams govern AI agents that act on delegated authority?
A: Security teams should govern AI agents as delegated identities with explicit subject, purpose, scope, and runtime evidence.
Q: Why do AI agents complicate Zero Trust and least privilege models?
A: AI agents complicate Zero Trust because they can change tool use, data access, and execution timing during a session.
Q: What breaks when AI agent access is reviewed like human access?
A: Human-style access review fails when the evidence you need is the task, not the person.
Practitioner guidance
- Map every agent to a named delegating subject: require each agent workflow to identify the human or system that initiated the task, the policy that authorised it, and the downstream systems it may touch.
- Replace broad scopes with task-scoped ABAC policy: define policies around task, data class, and runtime context instead of broad application-level permissions.
- Enforce step-up approval for sensitive agent actions: insert runtime human approval for actions that move data, change entitlements, or trigger external side effects.
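As an added illustration of the three guidance points above (not code from Strata Identity or NHIMG), the following Python check ties every agent action to a delegating subject and policy, scopes it by task, system and data class, and demands a single-use step-up approval token for sensitive effects; the grant fields, effect names, identifiers and tokens are hypothetical.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Optional, Tuple
SENSITIVE_EFFECTS = frozenset({"move_data", "change_entitlement", "external_side_effect"})  # need step-up

@dataclass(frozen=True)
class TaskGrant:                          # hypothetical task-scoped grant
    delegating_subject: str               # human or system that initiated the task
    policy_id: str                        # policy that authorised the task
    allowed_systems: FrozenSet[str]       # downstream systems the agent may touch
    allowed_data_classes: FrozenSet[str]

@dataclass(frozen=True)
class ActionRequest:
    agent_id: str
    task_id: str
    system: str
    data_class: str
    effect: str                           # e.g. "read" or "move_data"
    approval_token: Optional[str] = None  # presented after a step-up approval

class AgentPolicyEngine:
    def __init__(self, grants: Dict[str, TaskGrant]) -> None:
        self.grants = grants
        # Step-up approvals issued out of band: token -> (task_id, effect, approver).
        self.approvals: Dict[str, Tuple[str, str, str]] = {}
        self.audit: List[dict] = []

    def authorize(self, req: ActionRequest) -> str:
        grant = self.grants.get(req.task_id)
        if grant is None:
            decision = "deny:no_delegating_subject"   # no named subject behind the task
        elif req.system not in grant.allowed_systems or req.data_class not in grant.allowed_data_classes:
            decision = "deny:out_of_task_scope"       # ABAC on task, system and data class
        elif req.effect in SENSITIVE_EFFECTS:
            approval = self.approvals.get(req.approval_token or "")
            if approval and approval[:2] == (req.task_id, req.effect):
                self.approvals.pop(req.approval_token)  # approvals are single-use
                decision = "allow"
            else:
                decision = "step_up_required"
        else:
            decision = "allow"
        self.audit.append({"agent_id": req.agent_id, "task_id": req.task_id, "system": req.system,
                           "data_class": req.data_class, "effect": req.effect, "decision": decision,
                           "delegating_subject": grant.delegating_subject if grant else None,
                           "policy_id": grant.policy_id if grant else None})
        return decision

    def delegation_chain(self, agent_id: str, task_id: str) -> List[dict]:
        return [e for e in self.audit if e["agent_id"] == agent_id and e["task_id"] == task_id]
```

Every decision, including denials and step-up requests, lands in the audit list with the delegating subject and policy attached, so the chain can be reconstructed after the fact.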
What's in the full article
Strata Identity's full blog post covers the operational detail this post intentionally leaves for the source:
- The nine identity problems in the agentic user flow with implementation examples for each gap.
- Practical examples of JIT provisioning, ABAC, OPA, and step-up verification in agent environments.
- The sandbox and hands-on lab flow for binding, delegating, and observing agent identity controls.
- The next post in the series, which extends the identity playbook for AI agents.
👉 Read Strata Identity's analysis of nine agentic identity gaps in legacy IAM →
Agentic AI identity gaps: what IAM teams need to fix now?
Explore further
Agentic identity is not just another NHI subtype. It changes the governance problem because the actor can decide, select tools, and execute actions during the session rather than only at provisioning time. That means controls built for static access, static intent, and delayed review are operating against the wrong behavioural model. Practitioners should treat agentic AI as a separate identity governance class with its own runtime controls.
A few things that frame the scale:
- Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation, according to the AI Agents: The New Attack Surface report.
A question worth separating out:
Q: How can organisations tell whether AI agent governance is working?
A: Organisations should look for three signals: every agent action is tied to an explicit delegating subject, sensitive actions require policy-backed step-up approval, and investigators can reconstruct the full delegation chain after the fact. If any of those is missing, governance is partial rather than trustworthy.
👉 Read our full editorial: Agentic AI exposes nine identity gaps in legacy IAM models