Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

Agentic identities and IAM: what changes for identity teams?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 12212
Topic starter  

TL;DR: AI agents are becoming a governed identity class with short-lived credentials, policy-enforced actions, and human-in-the-loop controls, according to Strata Identity research and Gartner’s Emerging Tech Impact Radar for agentic identities, which named Strata Identity a Sample Vendor in the report. Traditional IAM still struggles to manage dynamic, delegated agent behaviour, so least privilege and lifecycle management must be reworked for runtime decision-making.

NHIMG editorial — based on content published by Strata Identity: Strata Identity recognized by Gartner as a sample vendor for agentic identities

By the numbers:

Questions worth separating out

Q: How should security teams govern AI agents that can act independently?

A: Treat AI agents as governed identities with accountable ownership, scoped permissions, and per-action policy enforcement.

Q: Why do AI agents complicate least privilege for IAM teams?

A: Least privilege becomes harder because an agent’s intent is not fully known at provisioning time and may change during execution.

Q: What breaks when access reviews are applied to agentic identities?

A: Access reviews often miss agentic risk because they look for persistent entitlements rather than short-lived, behaviour-driven authority.

Practitioner guidance

  • Classify AI agents as governed identities Inventory every agent that can call tools, access data, or trigger downstream workflows and assign an accountable owner, lifecycle state, and approval path for sensitive actions.
  • Enforce action-level policy checks Require runtime authorisation for high-risk agent actions so the system evaluates context before each sensitive tool call, not just when the agent is provisioned.
  • Limit delegated capability to the task scope Issue short-lived credentials with tightly scoped permissions and remove any standing access that would allow an agent to expand beyond the immediate task boundary.

What's in the full analysis

Strata Identity's full post covers the operational detail this analysis intentionally leaves for the source:

  • Gartner quotation context and the exact category language used for agentic identities
  • Maverics runtime control details, including short-lived credentials and policy-as-code authorisation
  • The MCP-native proxy approach and how it fits into existing application environments
  • Disclaimer language and the source article framing around the Gartner recognition

👉 Read Strata Identity's analysis of Gartner's agentic identities category →

Agentic identities and IAM: what changes for identity teams?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 11787
 

Agentic identities are a new governed class, not just another workload. The article points to a structural change in identity architecture: AI agents are being treated as unique, verifiable, and manageable identities rather than hidden automation. That shifts the governance burden from infrastructure teams alone to IAM, PAM, and IGA functions that must understand how runtime delegation works. The practitioner conclusion is straightforward: if an agent can act independently, it must be governed as an identity class in its own right.

A few things that frame the scale:

  • 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems (39%), inappropriately sharing sensitive data (31%), and revealing access credentials (23%), according to AI Agents: The New Attack Surface report.
  • Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation.

A question worth separating out:

Q: Who should own AI agent identity governance in an enterprise?

A: Ownership should sit across identity, security, and the business team using the agent, with one named accountable owner for each system. That model is necessary because agent behaviour affects access, data handling, and operational outcomes at the same time. Shared ownership prevents agents from becoming unmanaged shadow identities.

👉 Read our full editorial: Agentic identities force IAM to extend governance to AI agents



   
ReplyQuote
Share: