Notifications
Clear all
Topic starter
22/06/2026 10:03 am
TL;DR: Production AI agents need an identity-aware proxy, short-lived credential vaulting, scope minimization, and first-class revocation to keep call-level activity governable, traceable, and stoppable, according to ConductorOne. The core lesson is that human session assumptions break at agent speed, so identity controls must move to the tool-call boundary.
NHIMG editorial — based on content published by ConductorOne: Four Things Your Identity Stack Needs Before Agents Hit Production
Questions worth separating out
Q: How should security teams govern AI agents that call enterprise tools?
A: They should govern agents at the tool boundary, not only at login.
Q: Why do AI agents complicate traditional identity and access management?
A: AI agents complicate IAM because they do not behave like human sessions.
Q: What breaks when agents use long-lived secrets in production?
A: Long-lived secrets create standing trust that outlasts the task.
Practitioner guidance
- Instrument every tool boundary Place an identity-aware proxy in front of agent tool calls so authentication, authorisation, and logging happen per request, not per session.
- Replace durable secrets with vaulted tokens Move agent credentials out of laptops, config files, and shared pipelines, then issue short-lived tokens that expire with the task.
- Define empty-default scopes for agents Start each agent with no standing access and add only the permissions required for the current action, then revoke them at task completion.
What's in the full article
ConductorOne's full blog post covers the operational detail this post intentionally leaves for the source:
- A practical breakdown of how the identity-aware proxy sits in front of MCP-connected tool calls.
- Implementation detail on short-lived credential issuance, vaulting, and token expiry for agent workflows.
- A stepwise maturity ladder for moving from shadow AI to governed AI access management.
- Examples of how to sequence proxying, vaulting, scope minimisation, and revocation in production.
👉 Read ConductorOne's analysis of the identity primitives AI agents need in production →
AI agent governance primitives: is your identity stack ready?
Explore further
22/06/2026 10:46 am
Identity-aware proxying is the first real control plane for AI agents. The article is right to place the proxy at the centre because agent behaviour is governed at the tool-call boundary, not the session boundary. That is a structural shift for IAM and NHI programmes, and it aligns with OWASP Agentic AI Top 10 style thinking about runtime abuse. Practitioners should treat every unproxied agent call as an ungoverned access event.
A few things that frame the scale:
- 99% of organizations are now prioritizing identity security investments, according to Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, according to Ultimate Guide to NHIs.
A question worth separating out:
Q: Who is accountable when an AI agent makes an unauthorised production change?
A: Accountability should follow the full delegation chain. The human who initiated the action, the system that issued the credential, and the platform that failed to enforce call-level control all matter. Without attribution and revocation telemetry, teams cannot separate legitimate automation from abuse.
👉 Read our full editorial: Four primitives identity stacks need before AI agents go live
