On-behalf-of authorization is a decision pattern that evaluates both the calling service and the original user whose action triggered the request. It prevents delegated workflows from exceeding user intent by enforcing policy on the combined identity context instead of trusting the service alone.
Expanded Definition
On-behalf-of authorization is a delegated access pattern used when an agent, service, or workflow acts for a user but must still be constrained by that user’s original intent. It is distinct from ordinary service-to-service authorization because the policy decision must evaluate both identities: the caller and the end user.
In NHI and IAM architectures, this matters wherever a backend service exchanges a user token, forwards a request, or invokes downstream tools after receiving a user action. The security question is not simply whether the service is authenticated, but whether the combined context permits the specific operation under least privilege. This aligns closely with NIST Cybersecurity Framework 2.0 concepts around access control and governance, and it is increasingly discussed in agentic workflows where an AI agent executes a task on a person’s behalf.
Definitions vary across vendors on how much original-user context must be preserved, how long it remains valid, and whether downstream systems should re-evaluate policy at each hop. NHI Management Group treats on-behalf-of authorization as a control boundary, not just a token handling technique, because delegated authority can expand quietly across chained services. The most common misapplication is treating a service account as fully trusted after login, which occurs when engineers validate only the service identity and discard the originating user context.
Examples and Use Cases
Implementing on-behalf-of authorization rigorously often introduces latency and token-handling complexity, requiring organisations to weigh tighter intent enforcement against simpler service integration.
- A customer support portal lets a backend service retrieve account details only for the signed-in user, even though the service itself has broader database access.
- An internal copilot submits a ticket, but the approval workflow checks both the employee identity and the agent’s tool-scoped permission before creating a privileged change.
- A federated API gateway exchanges a user token for a downstream token, preserving the original subject so the target service can enforce user-specific policy.
- A healthcare workflow permits a scheduling service to act for a clinician only within the clinician’s assigned role and patient context, not as a blanket delegated admin.
- An incident-response automation queries logs on behalf of an operator, but the query is limited to the operator’s clearance and the automation’s own read-only scope, consistent with guidance discussed in the Ultimate Guide to NHIs.
These patterns are easiest to implement when the platform can propagate structured identity claims end to end. Where service meshes or token exchange are used, teams often compare them against patterns described by NIST Cybersecurity Framework 2.0 to keep authorization decisions tied to business intent rather than infrastructure convenience.
Why It Matters in NHI Security
On-behalf-of authorization becomes critical when a delegated system can do more than the user intended. Without it, a compromised service account can turn a routine user request into broad lateral movement, data exposure, or unauthorized transaction execution. This is especially dangerous in environments with opaque service chains, because the original user may disappear from the audit trail after the first hop.
The risk is not theoretical: NHI Management Group reports that 80% of identity breaches involved compromised non-human identities such as service accounts and API keys, and 97% of NHIs carry excessive privileges, which amplifies the blast radius when delegation is not constrained. The same conditions that create secret sprawl and privilege accumulation also make on-behalf-of enforcement harder to verify in production, as described in the Ultimate Guide to NHIs.
Practitioners should treat this control as part of Zero Trust authorization, not as a logging detail. It becomes operationally unavoidable after a workflow has already approved, queried, or transferred something that the user never explicitly meant to authorize.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST Zero Trust (SP 800-207) and NIST CSF 2.0 set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-03 | Covers delegated NHI use and preserving intent across service actions. |
| NIST Zero Trust (SP 800-207) | AC-4 | Zero Trust requires policy decisions to follow the request context, not implicit trust. |
| NIST CSF 2.0 | PR.AA | Identity and access management guidance supports verifying both actor and subject. |
Bind delegated access to verified identity context and review authorization boundaries regularly.
Related resources from NHI Mgmt Group
- What are MCP Authorization Extensions and how do they help organizations?
- Why is it necessary to address authorization challenges in AI agent deployment?
- When should organisations use runtime authorization for AI agents?
- What is the difference between prompt-based control and runtime authorization for agents?
Deepen Your Knowledge
Reviewed and updated by the NHIMG editorial team on June 11, 2026.
NHI Mgmt Group — the #1 independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org
