Enterprises can enforce runtime authentication, authorization, and audit controls to establish guardrails for autonomous AI agents and secure MCP services
Strata Identity announced the introduction of a new product, Identity Orchestration for AI Agents. Built on Strata’s Maverics vendor-agnostic identity fabric and hybrid air-gap architecture, it provides identity guardrails and observability for AI agents without limiting identity provider (IDP) choice.
AI agents pose new identity challenges that traditional IAM can’t handle. These agents are ephemeral and autonomous, accessing enterprise data through MCP (Model Context Protocol). As a result, they operate across systems using opaque credential flows without persistent attributes, dynamic provisioning, or audit trails. In hybrid environments spanning clouds, on-prem systems, and multiple IDPs, this creates blind spots in governance, inconsistent access control, and a higher risk of fraud and non-compliance.
Strata’s new product addresses these challenges by issuing short-lived, scoped credentials at runtime; enforcing fine-grained, policy-as-code authorization, including human-in-the-loop approval for sensitive actions; and logging every agent decision and MCP-initiated API call for full auditability.
Also Read: Credo AI Unveils Global Program to Govern AI at Scale
“Autonomous AI agents now act as users in enterprise systems—but without user-level guardrails or observability. So Strata is bringing policy-based identity security to runtime where agents live,” said Eric Olden, CEO of Strata Identity and co-author of the SAML standard. “Strata’s Maverics supports open identity frameworks such as OAuth and emerging standards like the AI-native MCP protocol, enabling seamless interoperability across vendors, platforms, and agent ecosystems at scale.”
Strata’s Maverics treats every AI agent as a first-class identity, governed by the same rigor as human users, to provide zero-trust governance for autonomous AI agents. This industry-first approach handles every agent action as a policy-enforced, observable, and auditable event in real time. Its identity-aware, MCP-native proxy enforces policy without requiring changes to existing apps or microservices.
According to Gartner®, “A unified model that extends established IAM principles and protocols to AI agents, while also fostering interoperability between different AI platforms, is crucial for realizing the benefits of agentic AI in a secure and responsible manner.”
Maverics Identity Orchestration for AI Agents
To enable secure, auditable, and policy-driven control over AI agents, Maverics Identity Orchestration provides the following key capabilities:
- Dynamic, runtime authentication for agents using delegated OAuth flows—supporting PKCE and SPIFFE/SVID to enable ephemeral, scoped trust without static credentials.
- Policy-driven, attribute- and context-aware authorization, through On-Behalf-Of (OBO) flows with optional human-in-the-loop verification to enforce step-up approvals for sensitive or high-risk actions.
- Just-in-time issuance/provisioning of agent identities into any cloud or on-premises IDP, including automatic credential rotation, lifecycle expiry, and ownership assignment.
- Full-stack observability through OpenTelemetry, providing near real-time, correlated traces of both human and agent interactions for forensic lineage, risk analysis, and audit through your existing reporting and analytics tools.
With extensive input from Strata’s design partners–including leaders in global financial services, high-tech manufacturing, defense, and retail–Strata’s Identity Orchestration for AI Agents was built to meet enterprise requirements for guardrails and observability over the secure use of agentic workflows, enabling seamless interoperability across vendors, platforms, and agent ecosystems.
Source: Businesswire
