Identity Management for Agentic AI [pdf] (openid.net)

A new whitepaper, Identity Management for Agentic AI (Oct 2025, lead editor Tobin South, OpenID Foundation), lays out a roadmap for authentication, authorization, and identity as autonomous AI agents proliferate. It assesses where current standards—OAuth 2.1, OpenID Connect, SSO/SCIM provisioning, and the Model Context Protocol (MCP)—work (single trust domains, synchronous agent calls) and where they break down (cross-domain, asynchronous workflows, delegated authority, multi-user/shared agents, browser/computer-control agents). The report recommends immediate measures—agent-specific credentials, dynamic client registration, interoperable enterprise security profiles (e.g., IPSIE), clear user consent scopes—and highlights MCP and agent-to-agent protocols as central primitives for connecting LLMs to tools. Significant future challenges and technical implications are emphasized: avoid vendor-specific agent identity fragmentation; replace user-impersonation with explicit “on-behalf-of” delegation and provenance proofs; design registries and scope-attenuation for recursive delegation and transitive trust chains; create programmatic verification and audit trails to scale trustworthy autonomy beyond human-in-the-loop oversight; and protect web interactions by authenticating web agents. For IAM teams, developers, and standards bodies this means evolving protocols and operational tooling (lifecycle management, attestation, logging, consent UX) to preserve least-privilege, accountability, and interoperability as agents gain autonomy.