Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

AI agents and NHIs are stretching authorization controls


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 9079
Topic starter  

TL;DR: Demand for authorization management platforms grew 4x in 2025 as enterprises pushed into AI agents, MCP servers, and non-human identities that inherit human-era permissions, making runtime authorization, auditability, and least privilege harder to sustain according to Cerbos. The real shift is that access decisions are now happening too fast, too often, and too contextually for static role models to keep up.

NHIMG editorial — based on content published by Cerbos: A year of growth, focus, and enterprise adoption

By the numbers:

Questions worth separating out

Q: How should security teams govern AI agent authorization in enterprise systems?

A: Security teams should govern AI agent authorization with runtime policy evaluation, not static roles alone.

Q: Why do non-human identities complicate least-privilege design?

A: Non-human identities complicate least privilege because they often inherit permissions across services, workflows, and environments that were never designed around a single accountable user.

Q: What breaks when authorization is still handled through static RBAC for AI systems?

A: Static RBAC breaks when access decisions depend on runtime context that roles cannot express, such as which tool an agent is calling or which dataset it is touching.

Practitioner guidance

  • Separate runtime policy from static role assignment Move high-risk access decisions into context-aware policy evaluation so humans, services, and AI-driven workflows are judged on current conditions rather than inherited entitlements.
  • Version and test authorization policies before promotion Treat policy changes like code changes, with review, testing, and rollback paths before deployment.
  • Unify governance for human and non-human identities Map service accounts, workloads, and AI agents into the same entitlement review and exception process used for human access.

What's in the full article

Cerbos' full announcement covers the operational detail this post intentionally leaves for the source:

  • How Cerbos Hub handles the full access control policy lifecycle across create, update, deploy, and audit phases.
  • How Git-based workflows and CI integration are used to test and distribute policy changes in practice.
  • How policy stores support tenant and environment separation without duplicating authorization logic.
  • How the platform's audit trail captures who asked for what, under which policy version, and why it was allowed or denied.

👉 Read Cerbos' 2025 update on authorization management, AI, and NHI adoption →

AI agents and NHIs are stretching authorization controls?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 8508
 

Authorization is becoming an identity governance layer, not just an application control. The Cerbos story reflects a broader shift we see across the market: access decisions are moving out of application code and into runtime policy systems because identity sprawl now spans humans, service accounts, and AI-driven actors. That matters because authorization is no longer a narrow permission check. It is the point where identity, context, and operational risk meet, which makes it central to both NHI governance and human IAM design.

A few things that frame the scale:

  • 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface, according to the Ultimate Guide to NHIs.
  • Also from our research: Only 5.7% of organisations have full visibility into their service accounts, which means most teams cannot reliably see where machine access is accumulating, according to the Ultimate Guide to NHIs.

A question worth separating out:

Q: How do teams know if authorization controls are actually working?

A: Teams know authorization controls are working when every decision is auditable, policy changes are versioned, and denied or allowed access can be explained after the fact. If access is technically granted but cannot be traced to a policy version and request context, the control is not operationally governable.

👉 Read our full editorial: Authorization management in 2025: why AI and NHI changed the model



   
ReplyQuote
Share: