Agentic identities and IAM: what changes for identity teams?

(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 8151
Topic starter

TL;DR: AI agents are becoming a governed identity class with short-lived credentials, policy-enforced actions, and human-in-the-loop controls, according to Strata Identity research and Gartner’s Emerging Tech Impact Radar for agentic identities, which named Strata Identity a Sample Vendor in the report. Traditional IAM still struggles to manage dynamic, delegated agent behaviour, so least privilege and lifecycle management must be reworked for runtime decision-making.

NHIMG editorial — based on content published by Strata Identity: Strata Identity recognized by Gartner as a sample vendor for agentic identities

By the numbers:

Questions worth separating out

Q: How should security teams govern AI agents that can act independently?

A: Treat AI agents as governed identities with accountable ownership, scoped permissions, and per-action policy enforcement.

Q: Why do AI agents complicate least privilege for IAM teams?

A: Least privilege becomes harder because an agent’s intent is not fully known at provisioning time and may change during execution.

Q: What breaks when access reviews are applied to agentic identities?

A: Access reviews often miss agentic risk because they look for persistent entitlements rather than short-lived, behaviour-driven authority.

Practitioner guidance

  • Classify AI agents as governed identities: inventory every agent that can call tools, access data, or trigger downstream workflows, and assign an accountable owner, lifecycle state, and approval path for sensitive actions.
  • Enforce action-level policy checks: require runtime authorisation for high-risk agent actions so the system evaluates context before each sensitive tool call, not just when the agent is provisioned.
  • Limit delegated capability to the task scope: issue short-lived credentials with tightly scoped permissions and remove any standing access that would allow an agent to expand beyond the immediate task boundary.
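The three guidance points above as one runnable illustration. This is an added example written for this post, not code from Strata Identity's Maverics product or from NHIMG; the agent inventory, tool names, risk classes and TTL are constructed assumptions.

```python
"""Added example (not Strata Identity's or NHIMG's code): a minimal runtime
policy-enforcement point for AI-agent tool calls. It models the three
guidance points above: an inventory of governed agents with an owner,
short-lived task-scoped credentials, and a per-action policy check that
can require human approval. All identifiers and values are constructed."""
from dataclasses import dataclass

# Constructed inventory: each agent has an accountable owner and lifecycle state.
AGENT_INVENTORY = {
    "invoice-bot": {"owner": "finance-platform@example.com", "state": "active"},
    "retired-bot": {"owner": "ops@example.com", "state": "decommissioned"},
}

# Constructed risk classes: tools whose calls need a human in the loop.
HIGH_RISK_TOOLS = {"payments.transfer", "iam.grant_role"}

@dataclass(frozen=True)
class AgentCredential:
    agent_id: str
    task_id: str
    allowed_tools: frozenset
    issued_at: float
    ttl_seconds: int = 300  # short-lived by default; no standing access

    def expired(self, now):
        return now >= self.issued_at + self.ttl_seconds

def issue_credential(agent_id, task_id, tools, now, ttl_seconds=300):
    """Mint a task-scoped credential only for an active, owned agent."""
    entry = AGENT_INVENTORY.get(agent_id)
    if entry is None or entry["state"] != "active":
        raise PermissionError(f"{agent_id} is not an active governed agent")
    return AgentCredential(agent_id, task_id, frozenset(tools), now, ttl_seconds)

def authorize_tool_call(cred, tool, context, now):
    """Evaluate one tool call at runtime: 'allow', 'deny' or 'needs_approval'."""
    if cred.expired(now):
        return "deny"  # the short-lived credential has lapsed
    if context.get("task_id") != cred.task_id:
        return "deny"  # call is outside the delegated task boundary
    if tool not in cred.allowed_tools:
        return "deny"  # tool is not in the task-scoped permission set
    if tool in HIGH_RISK_TOOLS and not context.get("human_approved"):
        return "needs_approval"  # human-in-the-loop gate before the call
    return "allow"
```

The decision is made per call with the current context, so an approval granted for one transfer does not carry over to the next, and an expired credential fails closed regardless of what the agent was provisioned with.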

What's in the full analysis

Strata Identity's full post covers the operational detail this analysis intentionally leaves for the source:

  • Gartner quotation context and the exact category language used for agentic identities
  • Maverics runtime control details, including short-lived credentials and policy-as-code authorisation
  • The MCP-native proxy approach and how it fits into existing application environments
  • Disclaimer language and the source article framing around the Gartner recognition

👉 Read Strata Identity's analysis of Gartner's agentic identities category →
