Least Privilege in AI Agents and Agentic Identity
Blog post from Permit.io
The text discusses the concept of least privilege in AI agents and the importance of agentic identity, highlighting the challenges in managing access control due to the dynamic nature of AI agents that make decisions at runtime. Traditional service accounts are criticized for being overly broad and risky, as they often fail to capture the nuances of delegated tasks, leading to over-permission and security vulnerabilities. Instead, the text advocates for a robust access control system where AI agents carry an "identity envelope" that encapsulates the delegating human, workflow context, and declared intent, which is then used to request actions through a policy-enforcing gateway. This approach, termed "zero standing privileges," ensures that agents do not have direct access to sensitive credentials, thereby reducing the risk of unauthorized actions even if an agent runtime is compromised. The text emphasizes the necessity of continuous permission evaluation and downscoping in multi-agent systems, where each agent in the chain receives only the specific permissions required for its task, supported by an enforcement gateway that mediates tool calls and maintains the security of real credentials.
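A minimal sketch of the gateway pattern summarized above, added here as an illustration and not taken from the Permit.io post. The class and method names, the policy table, and the placeholder credentials are all assumptions constructed for the example; agents hold only an opaque handle, while the envelope and the real credentials stay inside the gateway.

```python
import secrets

class Gateway:
    """Hypothetical policy-enforcing gateway: owns credentials and envelope state."""
    def __init__(self, policy, vault):
        self._policy = policy    # (human, intent) -> permissions that human may delegate
        self._vault = vault      # tool -> real credential, never returned to an agent
        self._envelopes = {}     # opaque handle -> identity envelope

    def _store(self, env):
        handle = secrets.token_hex(16)   # the agent only ever sees this handle
        self._envelopes[handle] = env
        return handle

    def delegate(self, human, workflow, intent, agent, requested):
        # Envelope = delegating human + workflow context + declared intent.
        allowed = self._policy.get((human, intent), set())
        return self._store({"human": human, "workflow": workflow, "intent": intent,
                            "scope": set(requested) & allowed, "chain": [agent]})

    def downscope(self, parent_handle, agent, requested):
        # A sub-agent gets the intersection with its parent's scope, never more.
        p = self._envelopes[parent_handle]
        return self._store({**p, "scope": p["scope"] & set(requested),
                            "chain": p["chain"] + [agent]})

    def call(self, handle, tool, action):
        # Evaluated on every tool call, against the envelope and the current policy.
        env = self._envelopes.get(handle)
        perm = f"{tool}:{action}"
        current = self._policy.get((env["human"], env["intent"]), set()) if env else set()
        if env is None or perm not in env["scope"] or perm not in current:
            return {"allowed": False, "permission": perm}
        _credential = self._vault[tool]  # used here for the backend call (simulated)
        return {"allowed": True, "permission": perm,
                "on_behalf_of": env["human"], "chain": list(env["chain"])}

# Constructed sample data: one human, one intent, placeholder credentials.
POLICY = {("alice", "refund_order"): {"orders:read", "payments:refund"}}
VAULT = {"orders": "PLACEHOLDER-ORDERS-KEY", "payments": "PLACEHOLDER-PAYMENTS-KEY"}
gw = Gateway(POLICY, VAULT)
root = gw.delegate("alice", "wf-1", "refund_order", "planner",
                   {"orders:read", "payments:refund", "users:delete"})
child = gw.downscope(root, "lookup-agent", {"orders:read", "users:delete"})
print(gw.call(child, "orders", "read"), gw.call(child, "payments", "refund"))
```

Because `call` re-checks the current policy as well as the stored scope, removing a permission from the policy takes effect on the next tool call without reissuing any handle.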