TL;DR: Session-based authorization breaks down for agents and ephemeral workloads because permissions assigned at login are too coarse for action-by-action decisions, according to Cerbos’s EIC 2026 panel recap. The real shift is toward real-time, signal-driven authorization with policy-as-code, federated decisioning, and auditable context at each hop, not broader tokens or quarterly reviews.
NHIMG editorial — based on content published by Cerbos: Signals, Policies, and Identity Agency, a panel recap on real-time authorization and identity layer design
Questions worth separating out
Q: How should security teams govern access for agents and ephemeral workloads?
A: They should stop treating login-time grants as the primary control and move to runtime authorization tied to the exact action being attempted.
Q: Why do agents make session-based authorization less reliable?
A: Agents act on task-specific intent, not stable job roles, and they may need different permissions at different points in the same workflow.
Q: What should organisations review before adopting signal-driven authorization?
A: They should review their capability inventory, ownership model, policy engine placement, and revocation path.
Practitioner guidance
- Move authorization decisions to runtime: require access checks at the moment an action is attempted, using live context from identity, device, network, and risk systems instead of relying on login-time grants.
- Separate identity, signals, and decisioning: keep the identity provider, signal sources, and policy engine independently replaceable so a change in one layer does not force a rewrite across the stack.
- Inventory actions and owners before writing policy: document which capabilities each system exposes, who owns them, and which signals should gate each action before you try to codify access rules.
What's in the full article
Cerbos's full article covers the operational detail this post intentionally leaves for the source:
- How Cerbos frames the separation between identity issuance, signal collection, and authorization decisions in a real deployment.
- The panel's discussion of Shared Signals Framework, CAEP, and federated authorization as building blocks for runtime access control.
- The specific audit-trail model for action-based decisions, including what a CISO should expect to show regulators after an incident.
- The vendor's practical view of delegated access scenarios where an agent may need broader authority than the initiating user.
👉 Read Cerbos’s analysis of signal-driven authorization for agents and ephemeral workloads →
Explore further
Session-based authorization is being outgrown by the very identities it was designed to govern. The old assumption was that the subject stays stable long enough for login-time permissions and periodic reviews to remain meaningful. That assumption fails when ephemeral workloads and agents need action-specific access that changes mid-flow. The implication is not just better tooling, but a different governance premise for how access decisions are made.
A few things that frame the scale:
- 66% of respondents say their current tooling is not adequate to manage the scale of machine identities they now have, according to The Critical Gaps in Machine Identity Management report.
- 57% of organisations lack a complete inventory of their machine identities, according to the same report.
A question worth separating out:
Q: What is the difference between delegated access and least privilege for agents?
A: Least privilege assumes the minimum access can be defined in advance, while delegated access may require a different authority set based on task, location, or data residency. For agents, that means privilege is contextual and may legitimately differ from the initiating user’s own access.
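To make the three practitioner points above (runtime checks, separated layers, inventory before policy) and the delegated-access distinction just drawn concrete, here is an added Python example. It is not Cerbos's code and not from the panel: it is a small policy-as-code evaluator that decides each action at the moment it is attempted, from a snapshot of live signals, fails closed when a gating signal feed is missing, and writes one audit record per decision. Every name in it (the principals, the capability inventory, the signal fields, the rule names, the audit record shape) is a hypothetical construction for illustration, and the signal values are constructed inline rather than fetched from a real identity provider or CAEP feed.

```python
from dataclasses import dataclass, asdict
from typing import Callable, Optional

# Layer 1: identity. Who is acting, and under whose delegation (constructed, not a real IdP).
@dataclass(frozen=True)
class Principal:
    id: str
    kind: str                            # "user" | "agent"
    roles: frozenset = frozenset()
    on_behalf_of: Optional[str] = None   # delegating user, agents only
    task: Optional[str] = None           # the bounded task the delegation covers

# Layer 2: signals. Live context fetched at decision time; None means the feed was unavailable.
@dataclass(frozen=True)
class Signals:
    session_revoked: Optional[bool]      # e.g. fed by a CAEP session-revoked event
    risk_score: Optional[int]            # 0..100, higher is riskier
    device_compliant: Optional[bool]
    region: Optional[str]                # where the caller is operating

# Capability inventory (hypothetical): each exposed action, its owner, and the signals
# that must be present before the action may be decided at all.
@dataclass(frozen=True)
class Capability:
    owner: str
    gating_signals: tuple

CAPABILITIES = {
    "dataset:read":   Capability("data-platform", ("session_revoked", "risk_score")),
    "dataset:export": Capability("data-platform",
                                 ("session_revoked", "risk_score", "device_compliant", "region")),
}

# Layer 3: decisioning. Policy-as-code; deny wins, default deny. Replaceable on its own.
Condition = Callable[[Principal, dict, Signals], bool]

@dataclass(frozen=True)
class Rule:
    name: str
    action: str                          # "*" matches every action
    effect: str                          # "allow" | "deny"
    when: Condition

POLICY = (
    Rule("deny-revoked-session", "*", "deny", lambda p, q, s: s.session_revoked is True),
    Rule("deny-high-risk", "*", "deny",
         lambda p, q, s: s.risk_score is not None and s.risk_score >= 70),
    Rule("analyst-read", "dataset:read", "allow", lambda p, q, s: "analyst" in p.roles),
    Rule("agent-read-for-task", "dataset:read", "allow",
         lambda p, q, s: p.kind == "agent" and p.task == q["task"]),
    # Delegated export: broader than the analyst's own rights, but bounded by task,
    # device posture and data residency rather than by a static role.
    Rule("delegated-export-in-region", "dataset:export", "allow",
         lambda p, q, s: p.kind == "agent" and p.on_behalf_of is not None
         and p.task == q["task"] and s.device_compliant is True
         and s.region == q["residency"]),
)

AUDIT = []  # one record per decision: what was asked, what was seen, which rule fired

def decide(principal: Principal, action: str, request: dict, signals: Signals) -> dict:
    """Decide one action at runtime. `request` carries the resource attributes and the
    workflow task this step belongs to. Returns the audit record for the decision."""
    def record(effect, rule):
        entry = {"principal": asdict(principal), "action": action, "request": request,
                 "signals": asdict(signals), "rule": rule, "effect": effect}
        AUDIT.append(entry)
        return entry

    cap = CAPABILITIES.get(action)
    if cap is None:
        return record("deny", "unknown-action")
    for name in cap.gating_signals:          # fail closed if a gating feed is missing
        if getattr(signals, name) is None:
            return record("deny", f"missing-signal:{name}")
    applicable = [r for r in POLICY if r.action in ("*", action)]
    for rule in applicable:
        if rule.effect == "deny" and rule.when(principal, request, signals):
            return record("deny", rule.name)
    for rule in applicable:
        if rule.effect == "allow" and rule.when(principal, request, signals):
            return record("allow", rule.name)
    return record("deny", "default-deny")

def demo() -> dict:
    """Walk one delegated workflow and return the effect of each step (constructed data)."""
    analyst = Principal("alice", "user", frozenset({"analyst"}))
    agent = Principal("report-agent-7f2", "agent", on_behalf_of="alice", task="q1-eu-report")
    eu_sales = {"id": "eu-sales", "residency": "eu", "task": "q1-eu-report"}
    ok = Signals(session_revoked=False, risk_score=12, device_compliant=True, region="eu")
    results = {}
    # The analyst may read but not export; a login-time role grant stops here.
    results["user-read"] = decide(analyst, "dataset:read", eu_sales, ok)["effect"]
    results["user-export"] = decide(analyst, "dataset:export", eu_sales, ok)["effect"]
    # The delegated agent legitimately holds more than the analyst, for this task only.
    results["agent-export"] = decide(agent, "dataset:export", eu_sales, ok)["effect"]
    # Same agent and task, wrong region: the residency condition fails.
    results["agent-export-us"] = decide(agent, "dataset:export", eu_sales,
                                        Signals(False, 12, True, "us"))["effect"]
    # Mid-workflow revocation: the next step is denied although earlier steps passed.
    results["agent-read-after-revoke"] = decide(agent, "dataset:read", eu_sales,
                                                Signals(True, 12, True, "eu"))["effect"]
    # Device posture feed down: fail closed rather than fall back to the role.
    results["agent-export-no-posture"] = decide(agent, "dataset:export", eu_sales,
                                                Signals(False, 12, None, "eu"))["effect"]
    return results

if __name__ == "__main__":
    for step, effect in demo().items():
        print(f"{step:28s} {effect}")
```

The point of the layering is that swapping the identity provider changes only how a `Principal` is built, swapping a signal feed changes only how a `Signals` snapshot is filled, and the policy tuple is the single place an auditor reads to see why a decision was made; the `AUDIT` list shows the per-hop context the panel recap calls for, with each record naming the rule that fired and the exact signal values it saw.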
👉 Read our full editorial: Signal-driven authorization is replacing session-based identity models