
AI agent identity and delegated access: are your controls ready?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 6713
Topic starter

TL;DR: AI agents share core identity needs with people, but their ephemeral lifecycles, 80-to-1 scale, and multi-hop delegation chains break static IAM models, according to Strata Identity. Access review processes assume identities persist long enough to be reviewed; agents can appear and disappear within a task.

NHIMG editorial — based on content published by Strata Identity: AI agents are people too

By the numbers:

Questions worth separating out

Q: How should security teams govern AI agents that act on behalf of users?

A: Security teams should treat each agent as a distinct identity with explicit delegation metadata, scoped authority, and an auditable chain back to the originating user or system.

Q: Why do AI agents complicate zero trust and least privilege programmes?

A: AI agents complicate those programmes because their permissions are often task-specific, short-lived, and context-dependent, while traditional controls assume stable identities and predictable access patterns.

Q: What breaks when AI agents are managed like service accounts?

A: What breaks is the assumption that a durable account model can represent a transient actor.

Practitioner guidance

  • Assign each agent a first-class identity: Create a named identity for every agent and attach delegation metadata that records who or what it acts on behalf of, what task it may perform, and when authority expires.
  • Move agent access to just-in-time issuance: Replace pre-provisioned agent accounts with task-scoped credentials that are issued only when needed and retired immediately after completion.
  • Trace every delegation hop: Log the full delegation chain across human, system, and agent actors so that each action can be tied back to a verifiable authority path during incident response.
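The three guidance points above can be checked mechanically. The following is an added example (not Strata Identity's or Maverics code) that models one delegation hop as a record with subject, task, scopes, expiry and a pointer to the delegating hop, validates a chain against narrowing scopes and expiry, and flattens it into the authority path an incident responder would want in a log line; the `Grant` type, the rule that a hop may never outlive or out-scope its delegator, and the sample chain are all constructed assumptions.

```python
"""Delegation-chain checks for task-scoped agent credentials (added example)."""
from dataclasses import dataclass
from typing import List, Optional
import time


@dataclass(frozen=True)
class Grant:
    subject: str                       # who holds this authority (user, system, or agent)
    task: str                          # what it may do
    scopes: frozenset                  # permissions attached to this hop
    expires_at: float                  # epoch seconds; authority retires after this
    parent: Optional["Grant"] = None   # who delegated to `subject` (None = root principal)


def validate_chain(grant: Grant, now: Optional[float] = None) -> List[str]:
    """Walk from `grant` back to the root and return a list of problems (empty = OK).
    Constructed rules per hop: not expired; scopes a subset of the delegator's scopes;
    expiry no later than the delegator's expiry."""
    now = time.time() if now is None else now
    problems: List[str] = []
    hop: Optional[Grant] = grant
    while hop is not None:
        if hop.expires_at <= now:
            problems.append(f"{hop.subject}: authority expired")
        if hop.parent is not None:
            if not hop.scopes <= hop.parent.scopes:
                extra = sorted(hop.scopes - hop.parent.scopes)
                problems.append(f"{hop.subject}: scopes {extra} exceed delegator {hop.parent.subject}")
            if hop.expires_at > hop.parent.expires_at:
                problems.append(f"{hop.subject}: outlives delegator {hop.parent.subject}")
        hop = hop.parent
    return problems


def audit_path(grant: Grant) -> List[str]:
    """Flatten the chain root-first, e.g. ['user:alice', 'agent:planner', 'agent:mailer'],
    so each logged action can be tied back to its full authority path."""
    path: List[str] = []
    hop: Optional[Grant] = grant
    while hop is not None:
        path.append(hop.subject)
        hop = hop.parent
    return list(reversed(path))


# Constructed sample chain: a user delegates to a planner agent, which delegates to a mailer agent.
T0 = 1_700_000_000.0
USER = Grant("user:alice", "review-contract", frozenset({"docs:read", "mail:send"}), T0 + 3600)
PLANNER = Grant("agent:planner", "review-contract", frozenset({"docs:read", "mail:send"}), T0 + 600, USER)
MAILER_OK = Grant("agent:mailer", "send-summary", frozenset({"mail:send"}), T0 + 120, PLANNER)
# A bad hop: requests a scope the planner never held and outlives the planner's authority.
MAILER_BAD = Grant("agent:mailer", "send-summary", frozenset({"mail:send", "docs:write"}), T0 + 900, PLANNER)
```

Running `validate_chain(MAILER_BAD, now=T0 + 60)` reports both the scope escalation and the expiry violation, while the same check on `MAILER_OK` a few minutes later reports only that the mailer's short-lived authority has expired.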

What's in the full article

Strata Identity's full article covers the operational detail this post intentionally leaves for the source:

  • A practical breakdown of how Maverics Agentic Identity creates and retires agent identities per task.
  • Details on OAuth orchestration patterns such as OBO, token exchange, DPoP, PKCE, and CAEP.
  • Examples of how cross-domain federation and delegated access are enforced in real workflows.
  • The vendor's hands-on lab and sandbox flow for testing agent authentication and authorization decisions.

Read Strata Identity's analysis of AI agent identity and delegated access
