
When does just-in-time access reduce risk, and when does it still leave exposure?

By NHI Mgmt Group Editorial Team Updated May 27, 2026 Domain: Governance, Ownership & Risk

It reduces risk when access is truly session-scoped and revocation is immediate. It still leaves exposure when the process relies on fixed time windows, manual cleanup, or pre-created identities that remain usable during the window. In those cases, attackers may still exploit the access before it disappears.

Why This Matters for Security Teams

JIT reduces risk only when the credential is issued for a specific task, limited to the minimum needed scope, and revoked as soon as that task ends. The problem is that many environments still label a time-bound window as “JIT” even when the underlying identity, secret, or permission set remains broadly reusable. That is not session-scoped access, and it leaves a real opportunity for misuse.

This matters because non-human identities are already a major exposure point. In the 2024 ESG Report: Managing Non-Human Identities, 72% of organisations said they have experienced or suspect they have experienced a breach of non-human identities. That kind of signal usually reflects weak lifecycle control, not just bad luck. For practitioners, the key question is whether access disappears with the job or merely expires on a timer while the secret still works.

Current guidance from both the OWASP Non-Human Identity Top 10 and the NIST Cybersecurity Framework 2.0 points toward least privilege, continuous governance, and fast revocation, but the operational gap is still common. In practice, many security teams discover that JIT was only a label after an exposed credential has been reused inside the approved window.

How It Works in Practice

Effective JIT for NHI access starts with a runtime decision, not a standing entitlement. The request should be tied to a specific workload, purpose, and duration, with the secret generated just for that session and invalidated automatically when the task completes. For agentic workloads, this is increasingly paired with workload identity so the system knows what the agent is before issuing what it can do. That means cryptographic workload proof, short-lived tokens, and policy evaluation at request time rather than a fixed role assigned long before execution.

The practical pattern usually looks like this:

  • Authenticate the workload or agent with a durable identity primitive such as OIDC-based workload identity or SPIFFE-style attestation.
  • Check intent, context, and target resource before issuing a secret or token.
  • Limit the token to the minimum scope and the shortest usable TTL.
  • Revoke immediately on task completion, failure, or anomaly.
  • Log issuance, use, and revocation so security teams can prove the access was truly ephemeral.
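The five steps above, carried through as one working broker. This is an added example, not code from the original page or from NHI Mgmt Group. It assumes that an upstream attestation step has already verified the caller's SPIFFE-style workload identity (the `spiffe://example.org/...` IDs, the `POLICY` table, the resource names and the log format are all constructed for this illustration). The point it shows is the difference between a fixed window and a session: the token is clamped to the policy's maximum TTL, rejected when used out of scope, and rejected immediately after `end_task` even though its TTL has not yet expired.

```python
"""Session-scoped JIT access broker (added example; hypothetical policy and identities)."""
import hashlib
import hmac
import json
import secrets
import time
from dataclasses import dataclass, field
from typing import Optional

# Constructed policy: (verified workload, action, resource) -> maximum TTL in seconds.
# This is evaluated at request time; nothing here is a standing role assignment.
POLICY = {
    ("spiffe://example.org/ns/batch/sa/report-builder", "read", "s3://reports"): 300,
    ("spiffe://example.org/ns/batch/sa/report-builder", "write", "s3://reports"): 120,
}

SIGNING_KEY = secrets.token_bytes(32)  # broker-held; rotated out of band in a real deployment


@dataclass
class Session:
    token: str
    workload: str
    action: str
    resource: str
    expires_at: float
    revoked_at: Optional[float] = None


@dataclass
class Broker:
    sessions: dict = field(default_factory=dict)  # token -> Session
    audit: list = field(default_factory=list)     # issuance / use / revocation records

    def _log(self, event, **fields):
        rec = {"ts": time.time(), "event": event, **fields}
        self.audit.append(rec)
        print(json.dumps(rec))

    def _sign(self, payload):
        body = json.dumps(payload, sort_keys=True).encode()
        mac = hmac.new(SIGNING_KEY, body, hashlib.sha256).hexdigest()
        return body.hex() + "." + mac

    def _valid_signature(self, token):
        body_hex, _, mac = token.partition(".")
        expected = hmac.new(SIGNING_KEY, bytes.fromhex(body_hex), hashlib.sha256).hexdigest()
        return hmac.compare_digest(mac, expected)

    def request_access(self, workload, action, resource, requested_ttl):
        """Runtime decision: attested identity + intent + target -> minimal, short-lived token."""
        max_ttl = POLICY.get((workload, action, resource))
        if max_ttl is None:
            self._log("denied", workload=workload, action=action, resource=resource)
            return None
        ttl = min(requested_ttl, max_ttl)  # never longer than policy allows
        expires_at = time.time() + ttl
        token = self._sign({"sub": workload, "act": action, "res": resource,
                            "exp": expires_at, "jti": secrets.token_hex(8)})
        self.sessions[token] = Session(token, workload, action, resource, expires_at)
        self._log("issued", workload=workload, action=action, resource=resource, ttl=ttl)
        return token

    def use(self, token, action, resource):
        """Every use re-checks signature, revocation, expiry and scope; returns True if allowed."""
        sess = self.sessions.get(token)
        if sess is None or not self._valid_signature(token):
            self._log("rejected", reason="unknown-or-tampered")
            return False
        if sess.revoked_at is not None:
            self._log("rejected", reason="revoked", workload=sess.workload)
            return False
        if time.time() >= sess.expires_at:
            self._log("rejected", reason="expired", workload=sess.workload)
            return False
        if (action, resource) != (sess.action, sess.resource):
            self._log("rejected", reason="out-of-scope", workload=sess.workload)
            return False
        self._log("used", workload=sess.workload, action=action, resource=resource)
        return True

    def end_task(self, token, outcome="completed"):
        """Revoke on completion, failure or anomaly right away; never wait for the TTL."""
        sess = self.sessions.get(token)
        if sess is not None and sess.revoked_at is None:
            sess.revoked_at = time.time()
            self._log("revoked", workload=sess.workload, outcome=outcome)


def demo():
    """Returns (use inside session, out-of-scope use, use after revocation)."""
    b = Broker()
    wl = "spiffe://example.org/ns/batch/sa/report-builder"
    tok = b.request_access(wl, "read", "s3://reports", requested_ttl=3600)  # clamped to 300 s
    in_session = b.use(tok, "read", "s3://reports")
    out_of_scope = b.use(tok, "write", "s3://reports")
    b.end_task(tok)  # task done: revoked now, well before the 300 s expiry
    after_revoke = b.use(tok, "read", "s3://reports")
    return in_session, out_of_scope, after_revoke


if __name__ == "__main__":
    print(demo())
```

The audit list is what lets a team prove the access was ephemeral: an `issued` record with the clamped TTL, each `used` or `rejected` decision, and a `revoked` record whose timestamp matches task completion rather than a timer.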

This is where the distinction between session-scoped access and fixed-time access matters. A fixed window still leaves exposure if the credential can be replayed, copied, or abused before expiry. The Ultimate Guide to NHIs — Key Challenges and Risks explains why long-lived or poorly governed credentials keep driving incidents, while the Guide to NHI Rotation Challenges shows how delayed revocation extends that exposure.

For agentic systems, this pattern should be aligned with real-time policy engines rather than static RBAC alone. Anthropic's report on the first AI-orchestrated cyber espionage campaign reinforces why autonomous tooling needs tighter runtime controls: agents can chain actions faster than manual approval loops can react. These controls tend to break down when the environment still depends on shared service accounts, manual revocation, or secrets embedded in CI/CD workflows, because the “JIT” window becomes an attack window.

Common Variations and Edge Cases

Tighter JIT often increases operational overhead, requiring organisations to balance stronger containment against workflow reliability and response speed. That tradeoff becomes visible in environments where teams need emergency break-glass access, legacy apps cannot support token refresh, or orchestrators cache credentials longer than the policy intends. Current guidance suggests that those cases should be treated as exceptions with explicit controls, not as proof that broad JIT windows are acceptable.

One common edge case is pre-created identities. If an identity exists before access is granted and remains active afterward, the system may still expose the environment even when the permission was technically “time limited.” Another is manual cleanup. If revocation depends on a person or ticket closure, the exposure continues after the task should have ended. That is especially risky when secrets are reused across environments or when an agent can make follow-on requests using the same credential path.

The 52 NHI breaches Report and Ultimate Guide to NHIs both show that the real issue is not only whether access was granted, but whether it was fully withdrawn. There is no universal standard yet for every agentic or machine-to-machine scenario, but the most defensible approach is to require ephemeral secrets, immediate revocation, and policy checks that follow the task rather than the calendar.
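The manual-cleanup edge case above and the question of whether access was fully withdrawn can both be measured from the issuance, use and revocation log the practical pattern asks for. The following is an added example, not code from the original page or from NHI Mgmt Group; the one-JSON-object-per-line log format, the `tok-*`/`wl-*` identifiers and the timestamps are constructed for this illustration. For each token it computes how long the credential outlived its task (until revocation, TTL expiry, or the present if still open) and how many times it was used in that window, which is exactly the exposure a calendar-based window leaves and a session-scoped one does not.

```python
"""Measure post-task exposure from a JIT audit log (added example; constructed log)."""
import json

# Constructed audit log; timestamps are seconds since an arbitrary epoch.
# tok-1: revoked the moment the task ended (session-scoped).
# tok-2: task ended at 100, revoked by ticket closure at 1300, used twice in between.
# tok-3: task ended at 200, never revoked, one-hour TTL still running at the end of the log.
SAMPLE_LOG = """
{"ts": 0,    "event": "issued",   "token": "tok-1", "workload": "wl-a", "ttl": 600}
{"ts": 10,   "event": "used",     "token": "tok-1"}
{"ts": 50,   "event": "task_end", "token": "tok-1"}
{"ts": 50,   "event": "revoked",  "token": "tok-1"}
{"ts": 0,    "event": "issued",   "token": "tok-2", "workload": "wl-b", "ttl": 3600}
{"ts": 100,  "event": "task_end", "token": "tok-2"}
{"ts": 400,  "event": "used",     "token": "tok-2"}
{"ts": 900,  "event": "used",     "token": "tok-2"}
{"ts": 1300, "event": "revoked",  "token": "tok-2"}
{"ts": 0,    "event": "issued",   "token": "tok-3", "workload": "wl-c", "ttl": 3600}
{"ts": 200,  "event": "task_end", "token": "tok-3"}
"""


def parse_log(text):
    """One JSON object per line; blank lines ignored."""
    return [json.loads(line) for line in text.strip().splitlines() if line.strip()]


def exposure_report(records, now):
    """Per token: seconds of usable access after the task ended, and uses in that window."""
    by_token = {}
    for r in records:
        by_token.setdefault(r["token"], []).append(r)

    report = {}
    for token, events in by_token.items():
        issued = next(e for e in events if e["event"] == "issued")
        marks = {e["event"]: e["ts"] for e in events if e["event"] in ("task_end", "revoked")}
        task_end = marks.get("task_end")
        if task_end is None:
            continue  # task still running: nothing to measure yet
        revoked = marks.get("revoked")
        hard_expiry = issued["ts"] + issued["ttl"]
        # Access really ends at revocation; otherwise at TTL expiry; otherwise it is still open now.
        access_end = revoked if revoked is not None else min(hard_expiry, now)
        still_open = revoked is None and hard_expiry > now
        uses_after = [e["ts"] for e in events if e["event"] == "used" and e["ts"] > task_end]
        report[token] = {
            "workload": issued["workload"],
            "revoked_with_task": revoked is not None and revoked <= task_end,
            "exposure_seconds": max(0, access_end - task_end),
            "uses_after_task_end": len(uses_after),
            "still_open": still_open,
        }
    return report


def findings(report, max_lag_seconds=0):
    """Tokens whose access outlived the task by more than the tolerated lag, or is still open."""
    return sorted(t for t, r in report.items()
                  if r["exposure_seconds"] > max_lag_seconds or r["still_open"])


if __name__ == "__main__":
    rep = exposure_report(parse_log(SAMPLE_LOG), now=2000)
    for token, row in rep.items():
        print(token, row)
    print("needs attention:", findings(rep))
```

Run against a real broker's log, a non-zero `exposure_seconds` with `uses_after_task_end` above zero is the concrete evidence that the "JIT" window was an attack window; a token that is `still_open` long after `task_end` is the pre-created or manually cleaned-up identity the section describes.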

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while the NIST AI RMF and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.

Framework                        | Control / Reference | Relevance
OWASP Non-Human Identity Top 10  | NHI-03              | Addresses short-lived credentials and rotation gaps that extend JIT exposure.
NIST AI RMF                      |                     | AI RMF governs runtime accountability for autonomous access decisions.
NIST Zero Trust (SP 800-207)     | PR.AC-1             | Zero Trust requires continuous verification before access is granted or kept.

Validate workload identity and context each time access is requested or refreshed.

NHIMG Editorial Note
Reviewed and updated by the NHIMG editorial team on May 27, 2026.
NHI Mgmt Group — the #1 independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org