TL;DR: AI agents now operate directly in enterprise systems, but broad OAuth reuse, standing grants, and weak audit trails leave teams unable to explain or constrain agent actions, according to Oasis Security. Its agentic access model turns requests into short-lived, policy-evaluated sessions with end-to-end accountability. The governing assumption that access can be reviewed after the fact breaks when agents act within a single session.
NHIMG editorial — what this means for AI and NHI governance
Questions worth separating out
Q: How should security teams control AI agents that act on enterprise systems?
A: Treat every agent request as a runtime authorisation event.
Q: Why do AI agents make existing IAM controls harder to rely on?
A: Because many IAM controls assume access is stable long enough to be reviewed, certified, and revoked later.
Q: What breaks when agents reuse human OAuth access?
A: The organisation loses the ability to separate human intent from machine execution.
Practitioner guidance
- Define agent-specific policy boundaries: Map each AI agent to the exact systems, operations, and scopes it may use, then block all unscoped access paths by default.
- Replace broad delegated access with task-scoped identity: Remove reused human access and long-lived OAuth grants from agent workflows wherever possible.
- Require end-to-end auditability for every agent action: Make approval, intent, policy decision, identity issuance, and resulting actions reconstructable in one trail.
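The three points above, combined in one minimal sketch. This is an added example, not code from Oasis Security or from the original post; the policy table, agent and system names, field names, and TTL are all hypothetical.

```python
import time
import uuid

# Hypothetical per-agent policy: agent -> system -> allowed operations.
# Anything not listed here is denied by default.
POLICY = {"crm-agent": {"crm": {"read_contact", "update_contact"}}}
AUDIT = []  # one trail: request -> policy decision -> identity issuance -> action

def _log(chain, event, **fields):
    AUDIT.append({"chain": chain, "event": event, **fields})

def authorize(requester, agent, system, operation, intent, ttl=300, now=None):
    """Treat one agent request as a runtime authorisation event.
    Returns a short-lived, single-operation session, or None on deny."""
    now = time.time() if now is None else now
    chain = str(uuid.uuid4())  # ties every later event back to this request
    _log(chain, "request", requester=requester, agent=agent,
         system=system, operation=operation, intent=intent, ts=now)
    allowed = operation in POLICY.get(agent, {}).get(system, set())
    _log(chain, "policy_decision", decision="allow" if allowed else "deny", ts=now)
    if not allowed:
        return None
    session = {"id": str(uuid.uuid4()), "chain": chain, "agent": agent,
               "system": system, "scope": {operation}, "expires": now + ttl}
    _log(chain, "identity_issued", session=session["id"],
         scope=[operation], expires=session["expires"], ts=now)
    return session

def act(session, system, operation, now=None):
    """Allow an action only inside the session's system, scope and lifetime."""
    now = time.time() if now is None else now
    ok = (session["system"] == system and operation in session["scope"]
          and now < session["expires"])
    _log(session["chain"], "action", session=session["id"], operation=operation,
         result="executed" if ok else "blocked", ts=now)
    return ok

def trail(chain):
    """Reconstruct the ordered event names for one request chain."""
    return [e["event"] for e in AUDIT if e["chain"] == chain]

if __name__ == "__main__":
    # Constructed sample request with fixed timestamps.
    s = authorize("alice", "crm-agent", "crm", "update_contact",
                  "fix customer phone number", ttl=60, now=1000)
    act(s, "crm", "update_contact", now=1030)   # in scope, in time
    act(s, "crm", "delete_contact", now=1030)   # outside issued scope
    act(s, "crm", "update_contact", now=1061)   # session expired
    for entry in AUDIT:
        print(entry)
```
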
What's in the full announcement
Oasis Security's full blog covers the operational detail this post intentionally leaves for the source:
- The prompt-to-intent workflow that translates agent requests into structured authorisation decisions.
- The session model for issuing and tearing down short-lived identities across SaaS, cloud, and data platforms.
- The before-and-after access flow showing how broad OAuth access is replaced with task-scoped permissions.
- The audit-chain illustration that reconstructs human request, policy decision, identity issuance, and resulting action.
Agentic access management for AI agents: what changes for IAM?
Explore further
Agentic access is an identity governance problem, not just an AI control problem. The article shows that agents are already acting on production systems, CRMs, data warehouses, and internal services. That moves the issue into IAM, PAM, and NHI territory because the real question is who or what receives authority to act, under what scope, and for how long. Practitioners should read this as an expansion of identity governance boundaries, not a sidecar AI concern.
A few things that frame the scale:
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems (39%), inappropriately sharing sensitive data (31%), and revealing access credentials (23%), according to the AI Agents: The New Attack Surface report.
- Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation.
A question worth separating out:
Q: Who is accountable when an AI agent makes the wrong change?
A: Accountability sits with the governance chain that approved the access model, not with the agent alone. Teams need a trace from requester to policy decision to identity issuance to action results. If that chain is missing, incident review becomes guesswork and access governance cannot be defended to auditors.