AI agents and identity security: what 1Password’s board move means

TL;DR: Identity programmes now have to govern runtime access use, not just static entitlements, across mixed actor types, as 1Password’s appointment of Dr. Manoj Apte to its board reflects a broader shift toward continuous access, delegated authority, and identity governance for humans, machine identities, and AI agents, according to 1Password.

NHIMG editorial — based on content published by 1Password: April 7, 2026 board appointment of Dr. Manoj Apte and the company’s identity security position for humans and AI agents

Questions worth separating out

Q: How should security teams govern AI agents that use delegated access?

A: Security teams should bind delegated access to a narrow task, a clear authority chain, and a short lifespan.

Q: Why do AI agents change IAM and PAM assumptions?

A: AI agents change IAM and PAM assumptions because they can act continuously, use tools directly, and execute without the human pacing that traditional review cycles expect.

Q: What breaks when access is treated as permanent in agentic workflows?

A: Permanent access breaks accountability, because you can no longer prove whether a credential was still needed, who actually used it, or whether the action stayed inside the original purpose.

Practitioner guidance

• Map delegated authority chains Inventory where humans delegate to applications, service accounts, and AI-driven workflows.
• Tighten task-scoped credential lifetimes Replace broad, reusable access with credentials that expire with the task and cannot be reused outside the approved workflow.
• Unify audit trails across humans and non-humans Correlate identity events from SSO, vaults, cloud logs, and workflow systems so you can reconstruct who acted, what credential was used, and whether the action stayed inside authority.

What's in the full analysis

1Password's full article covers the board and strategy context this post intentionally leaves for the source:

• Dr. Manoj Apte’s background and why 1Password links it to Zero Trust and agentic access.
• The company’s own framing of Unified Access across humans, machine identities, and AI workflows.
• Specific product and platform positioning around discovering, securing, and auditing credential use.
• The broader 1Password market narrative and related resource links for readers who need the vendor’s full context.

👉 Read 1Password’s board appointment note on identity security for humans and AI agents →

AI agents and identity security: what 1Password’s board move means?

Explore further

View Full Forum →  |  NHI Foundation Course →