There is a lot of hype these days about AI agents within the broader category of AI applications. All the big tech vendors are building platforms (i.e. tech stacks) both for enterprises to develop their own AI agents as well as for Independent Software Vendors (ISVs) who design AI agents and then sell them to enterprises. In fact, this human-like ability to interact with AI agents and chatbots using natural language interfaces has been termed the UI for AI, in contrast with traditional static graphical user interfaces (GUIs). Yet, to fully realize the Agentic AI vision, it’s vital to appreciate the increasing importance and criticality of digital identity in agentic AI interactions.
Let’s examine three broad categories of AI agents and their impact on digital identity access patterns:
- Interactive Agent
- This is mostly where the industry is today. The user interacts synchronously with the agent via prompts/responses while being physically present during the interaction. The agent performs operations on behalf of the user. The agent in this scenario is primarily reactive.
- Autonomous Agent
- The agent performs its work autonomously, sometimes completely without user involvement. However, the autonomous agent may ask the user to approve transactions or to grant permissions, but as the agent is executing most of its work, the human user may be unavailable. The autonomous agent can either perform operations on its own behalf, or on behalf of a user where it may delegate an approval request to a human before performing a sensitive action. The agent in this scenario is primarily autonomous and proactive, not reactive.
- Digital Employee Agent
- The agent acts like an autonomous human employee. For example, it can send and receive emails since it has a mailbox, appear in group chats, access a virtual desktop, and even browse to websites, fill in forms, click buttons, etc., since it can “see” and reason over graphical user interfaces, similarly to a human. In this most advanced agentic AI scenario, the AI agent could play a specific role on a team within an organization and act similarly to a human team member.
The following diagram illustrates these three agentic AI access patterns:
Today, most AI agents are reactive, although the industry is moving toward autonomous agents. Nonetheless, an agent that can truly function as a digital employee is most likely still a while away.
The diagram above shows the primary access patterns for AI agents. Importantly, both for interactive and autonomous agents, Agent ID = Client ID. In contrast, for digital employee agents, we can start to see the separation of the Agent ID from the Client ID. For example, a human-like AI agent will have its own unique Agent ID and be able to access data via an application (i.e. web application/desktop application) that has its own Client ID, separate and distinct from the Agent ID that is accessing it. Interestingly, for digital employee agents, Agent ID = User ID, because these agents act in a similar capacity to a human being.
It’s important to note that in the diagram above, the access patterns are additive, meaning that, for example, a digital employee agent can utilize the same access patterns as an autonomous agent. To simplify the diagram, as we move from left to right, only net new access patterns are shown for each category of AI agents.
So, why is digital identity so important? First of all, AI agents need to access organizational data to be useful. These agents might at first only read data, but over time, they will be allowed to change/alter data. In addition, AI agents are expected to be specialized, and so to fulfill a certain business process, AI agents will need to communicate with other AI agents to accomplish a broader task. Furthermore, we may enter a world where two AI agents perform a task across organizational boundaries (i.e. intercompany access in addition to intracompany access), so mutually identifying the organization an agent belongs to may become necessary, alongside permissions/authorization checks. Finally, AI agents need to be able to dynamically discover other AI agents that can help them fulfill a task during runtime.
The expectation is that organizations will have hundreds if not thousands of AI agents, each with its own identity. Most likely, only a small fraction will be home grown with the majority of AI agents procured from AI agent marketplaces (i.e. off-the-shelf). Clearly, to achieve mass adoption in the enterprise, it will be critical to understand agent access patterns, permissions requested/used, and to troubleshoot agent interactions when something is awry.
AI agents will dramatically increase the surface area for digital identity interactions in the enterprise, since AI agents will become first-class citizens with their own digital identity.
It’s not difficult to imagine an AI agent logging into an application UI with its own credentials (e.g. computer-using agent), and so the client application and the AI agent will need to have two separate and distinct identities! In contrast, in the current state where most AI agents are interactive, the AI agent and the client application represent the same entity.
While AI agents are a subset of AI applications, it feels like AI agents can be better compared to microservices, where each AI agent is essentially a specialized service that is responsible for performing tasks in a specific domain. Furthermore, AI agents can be combined or chained together to form larger AI applications. Today, most AI agents are interactive, and so the AI agent is the client application. Likewise, for autonomous agents, even if user involvement is required, the AI agent is also the same entity as the client application. In contrast, however, when AI agents become capable enough to use a GUI just as a human would be able to, then the agent truly becomes completely distinct from the client application which it is accessing!
To conclude, AI agents also need authentication and authorization capabilities. Identity standards need to evolve, especially for computer-using agents. It’s rather obvious that the success or failure of increasingly autonomous AI agents will primarily depend on the trust that enterprises will be able to place on such interactions, and digital identity will play a pivotal role in the agentic AI world of tomorrow.