
Last summer, a security architect at Ardent Financial told me something I have not stopped thinking about. Her team had inventoried the AI agents operating inside the company and found 212 of them. The number they had formally provisioned was 9. The other 203 were running on borrowed human credentials, shared API keys, and in one memorable case, a service account named temp-do-not-delete created in 2021.
That gap, between the agents you have and the agents you govern, is the problem we built Authr for AI Agents to close. It is generally available today for all enterprise customers.
What ships today
- Agent identities: first-class principals, distinct from users and service accounts, each bound to a human or team owner who is accountable for it.
- Delegation chains: an agent acts on behalf of a user with a cryptographically bound, verifiable chain, so downstream services know both who and what is calling.
- Scoped task credentials: short-lived tokens minted per task, with permissions computed from our Fine-Grained Authorization engine rather than copied from the owning user.
- One-click revocation: kill an agent, its delegations, and every live session it holds, everywhere, in under two seconds.
- Full Audit Fabric coverage: every agent action lands in the same immutable, hash-chained log as human activity.
What our design partners taught us
We spent nine months with six design partners, including Copperline and Ardent Financial, and they reshaped the product. Our first design gave agents standing permissions, like employees. Copperline pushed back hard: their logistics agents needed broad reach but only for minutes at a time. So we inverted the model. Agents hold almost nothing at rest and request narrow, expiring capability for each task. Their CISO described the result as an intern with a very good escort, which is exactly the energy we wanted.
The second lesson was about blast radius. Ardent asked a simple question: when an agent misbehaves, how fast can you make it stop existing? Our answer needed to be faster than a human incident bridge. Revocation is now a single control that cascades through delegation chains and active sessions, and we test it weekly in production.
Getting started
Authr for AI Agents is available now as part of the Authr platform. There is no separate SKU to negotiate and nothing to install at the edge; if you run Universal SSO and Fine-Grained Authorization today, agent identities slot into the policies you already have. Your account team can enable it this week, and if you are not yet a customer, book a demo and we will walk through your agent inventory together. Bring the service account named temp-do-not-delete. Everyone has one.
Writing from inside the identity layer since 2026. For the conversation this post starts, bring it to your next architecture review — or to ours.
