Resilient Cyber

Identity as Infrastructure in the Agentic Era



In this episode of Resilient Cyber, I sat down with Karl McGuinness — author of Control Plane and one of the sharpest voices working on identity in the agentic era — to unpack what most of the industry is still getting wrong about IAM for AI agents.

Karl's thesis is a provocation: we spent two decades optimizing authentication and authorization, and we built that stack for human-paced execution. Agents remove the presence, pacing, and natural scope-limiting that made those controls work — and no amount of stronger credentials, tighter scopes, or faster JIT provisioning closes the structural gap. The real frontier isn't AuthN or AuthZ. It's delegation: how approved intent becomes bounded authority that stays governed across delegation chains, unfamiliar tools, consent expansion, revocation, and task termination.

Chris and Karl dig into:

↳ Why the industry optimized for the wrong question, and what changes when agents enter the loop 

↳ The Execution Mandate — agents don't need your passport, they need your authority 

↳ Why governing the stay matters more than governing the entry, and what continuous evaluation of authority looks like in practice 

↳ Mission-Bound OAuth, including Karl's own pessimistic case against it 

↳ AAuth vs. OAuth as the substrate for agentic identity, and what signal will tell us which one wins 

↳ Why Mission Shaping is necessary but not sufficient when quiet expansion, headless execution, and stale state are in play 

↳ Open-world OAuth, MCP, and first-contact trust — what the newer standards solve and the substrate gaps no draft is closing 

↳ ID-JAG and Cross-App Access (XAA): why enterprise SaaS needs to abandon app-by-app OAuth islands 

↳ The widening gap between IETF drafts and the "agentic IAM" being sold at RSA, and the minimum viable posture for teams running agents in production today

Whether you're a CISO, an identity architect, or a security leader trying to separate vendor narrative from substrate reality, this is a clear-eyed map of where agentic IAM actually is and where it has to go.

🔗 Karl's writing: https://notes.karlmcguinness.com/ 

🔗 Subscribe to Resilient Cyber on Substack: https://www.resilientcyber.io/  

🔗 Follow Chris on LinkedIn: https://www.linkedin.com/in/resilientcyber/


Resilient Cyber, by Chris Hughes

4.9

16 ratings
