TL;DR: Gartner’s IAM Adapts to Secure and Enable AI Agents says authentication and monitoring are relatively ready, but identity registration, credential management, and authorization lag as organisations deploy more AI agents, according to Descope’s summary of the report. Human credential sharing, not just tool integration, is the control pattern that breaks first when agents operate at machine speed.
NHIMG editorial — based on content published by Descope: Gartner® Report: IAM Adapts to Secure and Enable AI Agents
Questions worth separating out
Q: How should security teams govern AI agents as distinct identities?
A: Security teams should treat each AI agent as its own governed identity with a named owner, explicit purpose, and bounded scope.
Q: Why do shared human credentials create risk for AI agent governance?
A: Shared human credentials blur the boundary between the person and the agent, so access can no longer be scoped, audited, or revoked independently.
Q: What do organisations get wrong about AI agent authorization?
A: They often stop at authentication and assume the hard work is done.
Practitioner guidance
- Create a distinct identity for every AI agent Bind each agent to a unique identifier, a named owner, and a defined lifecycle so that revocation and review are possible without affecting the human account that initiated it.
- Remove human credential reuse from agent workflows Replace shared sessions and copied tokens with delegated credentials issued through explicit consent and narrow scopes, then verify that the agent never receives raw human secrets.
- Register agents before they touch production tools Make registration mandatory before access issuance, and include ownership, purpose, tenant, and permitted tool scope in the authoritative record.
What's in the full article
Descope's full blog post covers the implementation detail this post intentionally leaves for the source:
- OAuth 2.1 consent and delegation flow design for agent-specific credentials
- MCP server authorization plumbing, including PKCE, DCR, and CIMD
- Policy enforcement details for per-agent, per-tool, and per-tenant scopes
- Operational handling of credential vaulting and step-up authentication for sensitive actions
👉 Read Descope's analysis of IAM adapting to secure and enable AI agents →
AI agent identity governance gaps: are your controls ready?
Explore further
Identity registration is now the control plane for AI agents, not a back-office task. Discovery alone cannot explain why an agent exists, who is accountable for it, or what scope it should carry. That makes registration the point where governance becomes real, because every later control depends on an authoritative identity record. Practitioners should treat agent registration as the prerequisite for lifecycle, authorization, and incident response.
A few things that frame the scale:
- 96% of technology professionals identify AI agents as a growing security threat, and 66% believe this risk is immediate, according to AI Agents: The New Attack Surface report.
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems, inappropriately sharing sensitive data, and revealing access credentials.
A question worth separating out:
Q: Who should be accountable when an AI agent causes an access incident?
A: Accountability should sit with the human owner, the approving team, and the control process that issued the agent’s scope. If registration and ownership are missing, incident response becomes guesswork because nobody can confidently trace the authorizing decision. Good governance creates a clear chain from the agent’s action back to the delegating authority.
👉 Read our full editorial: IAM for AI agents is exposing identity governance gaps