AI Infrastructure Needs an Agentic Identity Framework — We’re Building It

AI agents are about to cross a threshold. For infrastructure and security leaders, agentic AI is no longer an innovation topic but a production readiness problem.
What started as sandboxed applications and tech demos at trade shows (bet you’ve seen a few of those) has morphed into long-running autonomous actors operating directly in production cloud and on-prem infrastructure. They read data, write code, deploy services, access databases, and make decisions continuously across environments.
What they don’t do is sleep or wait for approval prompts. But more importantly, they just don’t fit into the identity models the industry has spent decades building.
Leaders now have to harden their identity architecture for this new era of AI, and that is exactly where the problem starts.
AI cannot scale securely until it is rooted in a definition of identity that fits today's infrastructure. Legacy, fragmented identity systems (passwords, API keys, static service accounts, long-lived secrets, and PAM systems) were designed for humans and simple service accounts and were already straining under cloud scale. With agents, those tools break down entirely.
This isn’t a new concern for infrastructure leaders. In a recent Teleport survey of over 200 infrastructure and security decision-makers, 69% said widespread AI adoption will need significant changes to how identity is managed. Only 2% disagreed.
The message is clear: existing identity approaches are insufficient for securing agentic systems at scale.
Agents have an identity gap
Agents add a layer of complexity that does more than just complicate identity — it reveals just how brittle the industry’s approach always was. Agents are definitely not human, but they’re also not service accounts or scripts.
They operate autonomously, and they do so unpredictably: they are good at reaching a result, but not at reaching it the same way every time. Each agent can follow multiple access paths (MCP servers, APIs, databases, internal services, LLMs, orchestration systems), and each new path widens the blast radius and adds one more place that root cause analysis and remediation have to cover when things go sideways.
At the same time, internal tensions are silently building. Executive teams are pushing to operationalize AI to unlock productivity gains, while security and platform teams are left to manage the risk of systems that act autonomously, operate without downtime, and make non-deterministic decisions. The result is a growing gap between deployment urgency and security readiness — one that legacy identity models were never designed to close.
We’re already seeing the consequences:
- Agents deployed with broad, static privileges become high-value targets.
- Shadow MCP servers and unmanaged tool endpoints leak data and secrets.
- LLM usage grows without budgets, guardrails, or auditability.
- Security teams cannot reliably discover agents, trace actions, or investigate incidents.
- Agents are deployed ad-hoc, inconsistently, and with least-effort security.
The tools aren’t to blame. It’s an identity failure. My co-founder calls it an Agentic Identity Crisis — and he’s not wrong. The tech industry is trying to graft AI onto identity systems that were never intended to represent autonomous actors with continuous machine behavior.
All this does is compound risk faster than teams can respond. Retrofitting AI into legacy identity systems is either impossible, or so costly and disruptive that it may as well be.
That’s why I believe a unified identity layer, rooted in strong implementation, must be treated as a prerequisite to agentic AI. Built-in from the start, not bolted on after the fact.
Unified, strong identity must come before AI scale
Eradicating anonymity is the first step to deploying and scaling agents securely. But agentic AI does not need yet another identity system.
What it needs is a unified identity layer where humans, machines, workloads, and AI agents are all treated the same — as first-class digital actors under a single model.
From an architectural standpoint, this unified identity layer must be built to the same zero trust standard the rest of cybersecurity already holds itself to. That means the model must be:
- Cryptographically secured, with identity proven by keys and short-lived certificates rather than by bearer credentials such as passwords and API keys
- Ephemeral and policy-driven, not static and long-lived
- Observable and auditable in real time, not reconstructed after the fact
- Standards-driven, so it interoperates with existing infrastructure instead of becoming another silo
Agent identities must therefore be rooted in strong, hardware-backed trust and issued dynamically, with no standing privileges. Eliminating static credentials and long-lived secrets shrinks the blast radius of a compromised agent, blocks unauthorized access, and gives teams real-time visibility into agent behavior across infrastructure.
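The following Go program is an added illustration of those properties, not code from Teleport or from the framework this post describes. An issuer signs a short-lived identity for an agent with Ed25519 and refuses to mint anything that would amount to a standing privilege; a verifier in front of a resource checks the signature, the validity window and the per-request policy, and records every decision. The claim names, the agent:// and db:// naming scheme, the 15-minute cap and the sample subject are all assumptions made for the example; a real deployment would keep the signing key in an HSM and use X.509 or a comparable standard format rather than hand-rolled JSON.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"fmt"
	"slices"
	"time"
)

// AgentIdentity is the signed claim set; its field names and the "agent://" / "db://" naming are assumptions for this example.
type AgentIdentity struct {
	Subject   string   `json:"sub"`       // stable actor name, e.g. "agent://ci/deployer"
	Resources []string `json:"resources"` // what policy lets this agent reach
	Actions   []string `json:"actions"`   // what it may do there
	IssuedAt  int64    `json:"iat"`       // unix seconds
	ExpiresAt int64    `json:"exp"`       // unix seconds, at most MaxTTL after iat
}

// MaxTTL (assumed) caps credential lifetime: longer is a standing privilege in disguise.
const MaxTTL = 15 * time.Minute

// Issuer holds the signing key; in production it would sit in an HSM or enclave.
type Issuer struct {
	priv ed25519.PrivateKey
	Pub  ed25519.PublicKey
}

func NewIssuer() (*Issuer, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Issuer{priv: priv, Pub: pub}, nil
}

// Issue mints a short-lived identity bound to an explicit policy and returns the JSON payload with its detached signature.
func (i *Issuer) Issue(sub string, resources, actions []string, ttl time.Duration, now time.Time) ([]byte, []byte, error) {
	if ttl <= 0 || ttl > MaxTTL {
		return nil, nil, fmt.Errorf("refusing ttl %s: max is %s", ttl, MaxTTL)
	}
	payload, err := json.Marshal(AgentIdentity{Subject: sub, Resources: resources, Actions: actions,
		IssuedAt: now.Unix(), ExpiresAt: now.Add(ttl).Unix()})
	if err != nil {
		return nil, nil, err
	}
	return payload, ed25519.Sign(i.priv, payload), nil
}

// Verifier fronts a resource (database proxy, MCP server, deploy API), decides each request on its own, and records it in Audit.
type Verifier struct {
	Pub   ed25519.PublicKey
	Audit []string // one line per decision, oldest first
}

// Authorize checks signature, validity window and policy for one action on one resource.
func (v *Verifier) Authorize(payload, sig []byte, resource, action string, now time.Time) error {
	id, err := v.check(payload, sig, resource, action, now)
	verdict := "allow"
	if err != nil {
		verdict = "deny: " + err.Error()
	}
	v.Audit = append(v.Audit, fmt.Sprintf("%s sub=%q action=%s resource=%s %s",
		now.UTC().Format(time.RFC3339), id.Subject, action, resource, verdict))
	return err
}

func (v *Verifier) check(payload, sig []byte, resource, action string, now time.Time) (id AgentIdentity, err error) {
	// 1. Cryptographic: an unsigned or tampered payload is not an identity at all.
	if !ed25519.Verify(v.Pub, payload, sig) {
		return id, fmt.Errorf("bad signature")
	}
	if err = json.Unmarshal(payload, &id); err != nil {
		return id, err
	}
	// 2. Ephemeral: anything outside its validity window is rejected.
	if now.Unix() < id.IssuedAt || now.Unix() >= id.ExpiresAt {
		return id, fmt.Errorf("credential expired or not yet valid")
	}
	// 3. Policy-driven: least privilege is evaluated on every request, not once at login.
	if !slices.Contains(id.Resources, resource) || !slices.Contains(id.Actions, action) {
		return id, fmt.Errorf("%s may not %s %s", id.Subject, action, resource)
	}
	return id, nil
}

func main() {
	iss, _ := NewIssuer()
	v, now := &Verifier{Pub: iss.Pub}, time.Now()
	// Constructed sample: a deploy agent that may only read the orders database.
	payload, sig, _ := iss.Issue("agent://ci/deployer", []string{"db://orders"}, []string{"read"}, 5*time.Minute, now)
	_ = v.Authorize(payload, sig, "db://orders", "read", now)                     // allow
	_ = v.Authorize(payload, sig, "db://orders", "write", now)                    // deny: policy
	_ = v.Authorize(payload, sig, "db://orders", "read", now.Add(20*time.Minute)) // deny: expired
	for _, line := range v.Audit {
		fmt.Println(line)
	}
}
```

The ordering inside check is deliberate: the signature is verified before the payload is even parsed, so the policy and lifetime fields are never trusted from an unauthenticated blob, and the audit line is written for denials as well as allows, which is what makes an incident investigable without reconstructing access from scattered secrets.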
Without a unified identity foundation, AI introduces exponential security and operational risk. With it, agents can be deployed and scaled safely because they are governed consistently.
The Teleport Agentic Identity Framework
As I called out above, there is huge pressure to capture new AI productivity gains. Well-intentioned business teams, and even rushed engineers, can easily introduce new risks: over-privileged agents that become targets for attackers, inadvertently leaked secrets, or exposed data.
Inventing new systems and processes to mitigate that risk is exactly the kind of high-effort, undifferentiated work that can derail engineering teams or stall project adoption indefinitely.
That’s why we are introducing the Teleport Agentic Identity Framework: a standards-driven set of designs, SDKs, and reference implementations for deploying AI agents securely.
This framework is intended to serve as a reference standard for the community, and it will evolve as the challenges of agentic AI evolve. As it grows, the goals will stay the same: accelerate AI initiatives, help teams maintain compliance, and ensure agents are secured, controlled, and auditable.
- Accelerate AI initiatives: Standardized identity and access patterns, reusable integrations/libraries, and an opinionated model to lower the “security review tax.”
- Maintain compliance: Centralized discovery and control of agents/MCP endpoints and continuous audit logs to empower security teams and reduce drift.
- Reduce risk: Elimination of shared secrets and impersonation, enforcement of least privilege based on cryptographic identity, and continuous discovery/detection to secure deployments based on best practices.
Is your infrastructure ready to scale with AI?
I don’t believe the launch of this new framework could be more timely. The world has moved past experimenting with AI, and 2026 is the year when the technology will graduate from labs and go into production at most companies.
When that happens, and agents become an intrinsic part of core infrastructure, identity will be the deciding factor in whether AI accelerates an organization or becomes a liability.
If identity stays fragmented — anonymous and credential-based — then AI will just amplify every weakness already present. But when identity is unified, cryptographic, and observable, then AI can be deployed safely at scale.
I strongly believe that what we’ve created with the Teleport Agentic Identity Framework is a path forward for scaling AI safely. It gives security and engineering teams a practical, production-ready way to build agentic systems without introducing new silos, weakening governance, or quietly accumulating risk that they won’t be able to unwind later.
Importantly, the Agentic Identity Framework is designed to be practical, not theoretical. It gives platform and security teams a clear path to move from experimentation to production-grade agent deployments, with identity serving as the foundation of trust across infrastructure, tools, and data.
Agentic AI is here. It’s time for identity to catch up.
Learn more about the Teleport Agentic Identity Framework here.
FAQ
What is the Agentic Identity Framework?
The Teleport Agentic Identity Framework is a standards-based security architecture for deploying AI agents safely across infrastructure. It is a growing set of reference implementations, SDKs, and integrations that will give security and engineering teams a practical, opinionated model for deploying agentic workflows securely.
What is a Unified Identity Layer?
A unified identity layer is a centralized approach to managing identities across humans, machines, workloads, devices, infrastructure resources, and AI agents, ensuring access is governed consistently in one place. It relies on strong, cryptographic identity coupled with short-lived, least-privileged access to eliminate the use of static credentials and ensure identity-aware visibility for audits and incident response.
Who is the Agentic Identity Framework designed for?
The Framework is designed for security and engineering leaders seeking a practical, standards-aligned way to securely deploy agentic AI across teams and environments.
Can existing Teleport customers use the Agentic Identity Framework immediately?
The framework will be publicly available on Jan 27, defining our first set of Agentic Identity guidelines and use cases. This framework exists because there is no ready-made solution to this problem. Rather than pretending otherwise, we’re building incrementally and publicly so teams can see what’s real, what’s coming, and how it’s evolving over time.