Descope Agentic Identity Hub: AI Agent IAM Arrives

The News

Descope has launched the Agentic Identity Hub, a dedicated identity provider designed specifically for AI agents and MCP (Model Context Protocol) servers. The product extends Descope’s existing no-code customer identity and access management (CIAM) platform to address a gap that traditional IAM architectures were never built to handle: authenticating, credentialing, governing, and auditing AI agents that act on behalf of users or operate autonomously. The Hub includes an agent directory, a token vault, policy-based authorization, OAuth 2.1-compliant MCP authentication, and a “kill switch” for revoking misbehaving agents, with early customers including You.com, WisdomAI, Cequence Security, Token Security, and Daylight Security.

Analyst Take

The IAM Gap That AI Agents Exposed

Enterprise IAM was built around a simple mental model: humans authenticate, machines use API keys, and permissions are static and predictable. AI agents collapse that model entirely. An agent can be user-delegated or fully autonomous. Its permissions need to be context-dependent and runtime-scoped. Its decision-making is partially opaque. Its audit trail must capture not just what happened, but who approved it and through what delegation chain. None of that fits neatly into RBAC, long-lived API keys, or traditional OAuth flows designed for human-initiated sessions.

Descope’s briefing materials include a striking data point from Gravitee’s State of AI Agent Security 2026 report: only 22% of teams treat agents as independent identities, with most relying on shared API keys. That’s not a configuration problem. It’s an architectural one, and it’s exactly the problem the Agentic Identity Hub is designed to solve. The anti-patterns the deck cites are already producing real incidents: stolen long-lived OAuth tokens that breached 700-plus organizations (Drift/Salesloft, August 2025), 1.5 million machine identities compromised via API keys (Moltbook, January 2026), and over 1,000 agent instances found exposed on the public internet with leaked credentials. These are not theoretical risks.

Why This Resonates Beyond Security Teams

The Agentic Identity Hub is positioned at the intersection of two fast-moving priorities. According to ECI Research’s 2026 DevSecOps + AppSec survey, AI code governance is the #1 priority investment area for enterprise security teams heading into 2026. That’s not a coincidence. As agents become first-class participants in software delivery and customer-facing workflows, the question of who an agent is, what it’s allowed to do, and what it actually did becomes a security and compliance question as much as a product one.

For ITDMs, the value proposition is containment: the Hub’s token vault ensures agents never hold long-lived application tokens but receive short-lived, scoped credentials only when needed. This could reduce blast radius in a compromise scenario without requiring API logic changes on the backend. Cequence Security, which processes nearly 10 billion API transactions daily, reports that Descope now powers auth for every MCP server in its AI Gateway product. For developers, the appeal is that the Hub plugs into existing Descope user journey flows or federates with third-party CIAM providers, meaning teams don’t have to build a secondary authorization model for agents and keep it synchronized with the human-facing one. Token Security’s co-founder put it plainly: the same roles and tenants governing human access now govern what AI clients can do on their MCP server.

The MCP Bet and What It Signals

Descope is making a clear architectural bet on MCP as the dominant protocol for agent-to-application communication. The ChatGPT App Store and Claude Connector Marketplace both use MCP, and the deck cites AI agents as projected to power $35 trillion in commerce transactions by 2030. Whether that projection proves accurate is secondary to the directional signal: enterprise applications will increasingly need to expose APIs to agents they don’t own or control, and those APIs need an identity layer that can handle OAuth 2.1, PKCE, dynamic client registration, and scope-based delegation without requiring developers to become experts in the MCP auth specification.

ECI Research’s 2026 DevSecOps + AppSec survey found that 67.5% of respondents already enforce repository access controls as a supply chain protection, which reflects a maturing posture around software provenance. But repository controls address the code layer, not the runtime layer. As agents call APIs, consume MCP servers, and chain tasks across services, the runtime identity layer becomes the new perimeter. Descope is positioning the Agentic Identity Hub to own that layer, and the customer roster it’s assembling (AI platforms, security vendors, analytics startups with Fortune 500 customers) suggests genuine demand, not just early-adopter experimentation.

Looking Ahead

The Agentic Identity Hub occupies a white space that most incumbent IAM vendors have been slow to address. Okta, Auth0, and Microsoft Entra are all capable platforms for human and service identity, but none have shipped a purpose-built agent identity product at this level of specificity. That window won’t stay open indefinitely. Expect the major IAM players to acquire or build in this space over the next 12–18 months, which means Descope’s current advantage is execution speed and the developer experience moat it’s built through its no-code CIAM platform and existing customer base of 1,300-plus organizations.

The deeper strategic question is whether MCP becomes the durable protocol standard it appears to be gaining momentum toward, or whether the agent communication layer fragments across proprietary implementations from OpenAI, Anthropic, Google, and others. If MCP consolidates, Descope’s OAuth 2.1-compliant hub is well-positioned. If it fragments, the abstraction layer Descope is building still has value, but the integration surface grows considerably more complex. Either way, the identity problem for AI agents isn’t going away. Organizations building production agentic workflows should treat agent identity as a Day 0 infrastructure decision, not an afterthought.

Authors

  • Paul Nashawaty

    Paul Nashawaty, Practice Leader and Lead Principal Analyst, specializes in application modernization across build, release and operations. With a wealth of expertise in digital transformation initiatives spanning front-end and back-end systems, he also possesses comprehensive knowledge of the underlying infrastructure ecosystem crucial for supporting modernization endeavors. With over 25 years of experience, Paul has a proven track record in implementing effective go-to-market strategies, including the identification of new market channels, the growth and cultivation of partner ecosystems, and the successful execution of strategic plans resulting in positive business outcomes for his clients.

    View all posts
  • With over 15 years of hands-on experience in operations roles across legal, financial, and technology sectors, Sam Weston brings deep expertise in the systems that power modern enterprises such as ERP, CRM, HCM, CX, and beyond. Her career has spanned the full spectrum of enterprise applications, from optimizing business processes and managing platforms to leading digital transformation initiatives.

    Sam has transitioned her expertise into the analyst arena, focusing on enterprise applications and the evolving role they play in business productivity and transformation. She provides independent insights that bridge technology capabilities with business outcomes, helping organizations and vendors alike navigate a changing enterprise software landscape.

    View all posts