TL;DR: The open web was built for humans, not machines, and AI agents now need to click, scroll, extract, and act across it to complete work, according to WorkOS. The shift makes agent-ready access, protocol design, and governance assumptions central to identity security rather than a niche integration concern.
NHIMG editorial — based on content published by WorkOS: Homer Wang on building TinyFish and the future of AI agents
Questions worth separating out
Q: How should security teams govern AI agents that interact with public websites?
A: Treat them as delegated machine identities, not as ordinary scripts.
Q: Why do human-designed websites create governance problems for AI agents?
A: Because most websites assume a human user can interpret context, handle ambiguity, and pace actions manually.
Q: What breaks when agents use human-style browsing instead of APIs?
A: Governance becomes harder to enforce because the access path looks like normal user activity, even when a machine is doing the work.
Practitioner guidance
- Define delegated web action as a governed identity pattern: Create a policy class for agents that perform clicks, submissions, and multi-step web tasks.
- Separate read access from act access: Map every agent workload to the point where it stops observing and starts changing state.
- Inventory human-style automation paths: Find places where machines currently access sites by imitating users, especially through browsers and session-based workflows.
What's in the full article
WorkOS's full article covers the conversational detail this post intentionally leaves for the source:
- The interview context from HumanX 2026, including how TinyFish positions web infrastructure for machine-first use cases.
- Direct quotes on building for agents rather than human daily active users, which adds operating context for product and platform teams.
- The examples of live deep research, unstructured web collection, and continuous website monitoring that illustrate the range of agent workflows.
- The discussion of emerging machine-friendly endpoints and why long-tail websites may still need agent-mediated access.
AI agent web automation: what changes for IAM and access control?
Explore further
AI agent web access is becoming an identity problem before it becomes a protocol problem. The article frames the web as infrastructure for machines, but the governance implication is more specific: organisations are starting to authorise agents to act in places originally designed for human intent and human pacing. That means access decisions, auditability, and scope control now matter at the level of individual agent sessions. The practitioner conclusion is that agent web use should be governed as delegated machine action, not generic automation.
A few things that frame the scale:
- 70% of organisations grant AI systems more access than they would give a human employee performing the exact same job, according to the 2026 Infrastructure Identity Survey.
- 69% of security leaders agree identity management must fundamentally shift to address agentic AI systems, according to the 2026 Infrastructure Identity Survey.
A question worth separating out:
Q: How can organisations decide when an AI agent needs higher controls?
A: Escalate controls when the agent moves from retrieving information to taking operational action. A machine that clicks, submits, or triggers workflows should have tighter scope, stronger logging, and clearer ownership than one that only observes. The decision point is not model sophistication, but whether the agent can change state on behalf of the business.
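One way to enforce the read/act split from the practitioner guidance and the escalation rule above, as an added example rather than code from WorkOS, TinyFish or the source article. The action names, the `AgentGrant` fields, the origins and the identifiers are all constructed assumptions.

```python
from dataclasses import dataclass
from urllib.parse import urlsplit

READ_ACTIONS = {"navigate", "scroll", "extract"}   # observe only (assumed vocabulary)
ACT_ACTIONS = {"click", "submit"}                  # can change state (assumed vocabulary)
DEFAULT_PORTS = {"http": 80, "https": 443}

@dataclass(frozen=True)
class AgentGrant:
    agent_id: str
    owner: str               # accountable human or team; empty means unowned
    read_origins: frozenset  # where the agent may observe
    act_origins: frozenset   # where it may change state

def origin(url):
    """Normalise a URL to scheme://host[:port], dropping default ports."""
    p = urlsplit(url)
    port = "" if p.port in (None, DEFAULT_PORTS.get(p.scheme)) else f":{p.port}"
    return f"{p.scheme}://{p.hostname}{port}"

def authorize(grant, session_id, action, url):
    """Decide one browser action in one agent session; return (allowed, audit_record)."""
    if action in READ_ACTIONS:
        tier, scope = "read", grant.read_origins
    elif action in ACT_ACTIONS:
        tier, scope = "act", grant.act_origins
    else:
        tier, scope = "unknown", frozenset()      # unclassified actions fail closed
    allowed = bool(grant.owner) and origin(url) in scope
    record = {"agent": grant.agent_id, "owner": grant.owner, "session": session_id,
              "action": action, "tier": tier, "origin": origin(url), "allowed": allowed}
    if tier != "read":
        record["url"] = url                       # fuller logging once state can change
    return allowed, record

# Constructed sample grant and session trace.
GRANT = AgentGrant("price-monitor-01", "pricing-team",
                   frozenset({"https://shop.example", "https://portal.example"}),
                   frozenset({"https://portal.example"}))
TRACE = [("extract", "https://shop.example/catalog"),
         ("submit", "https://shop.example/cart"),
         ("submit", "https://portal.example:443/report"),
         ("download", "https://portal.example/export")]

if __name__ == "__main__":
    for action, url in TRACE:
        print(authorize(GRANT, "sess-0001", action, url))
```

The grant keeps the act scope narrower than the read scope, so a submit on a read-only origin is denied even though the same agent may extract from it.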