45.6% of teams still rely on shared API keys for agent-to-agent authentication. Only 21.9% treat #AI agents as independent identity-bearing entities.
That's Strata's 2026 research. ISACA called it "The Looming Authorization Crisis" a year earlier. The pattern is consistent: teams authenticate the agent and assume that covers scope.
It doesn't. Authentication confirms identity. Authorization defines what that identity is allowed to do. In multi-agent workflows, an authenticated agent with broad permissions can chain actions across systems that no single human would be authorised to perform. OAuth 2.0 and OIDC were designed for one principal, one session. They break when the principal spawns sub-agents with inherited permissions.
SailPoint found 80% of IT professionals have witnessed AI agents performing unauthorised actions. NIST published a concept paper in February 2026 specifically because the existing identity framework doesn't hold.
The agent was authenticated. The action wasn't authorised. They're not the same problem.
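An added example (not from the original post or from any vendor it cites): a minimal Python model of the distinction above, contrasting a sub-agent that inherits its parent's permissions with one whose delegated scope is narrowed at spawn time and checked per action. The agent names, scope strings and function names are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Agent:
    agent_id: str                 # who the agent is (authentication)
    scopes: frozenset             # what it may do (authorization)
    parent: Optional["Agent"] = None


def spawn_inherited(parent, child_id):
    # Pattern under discussion: the sub-agent simply inherits everything.
    return Agent(child_id, parent.scopes, parent)


def spawn_attenuated(parent, child_id, requested):
    # Delegation can only narrow: child scope is the intersection of what
    # was requested and what the parent itself holds.
    return Agent(child_id, frozenset(requested) & parent.scopes, parent)


def authorize(agent, action):
    # Per-action check: the action must be in scope for the agent and for
    # every ancestor in its delegation chain.
    node = agent
    while node is not None:
        if action not in node.scopes:
            return False
        node = node.parent
    return True


def run_chain(agent, actions):
    # Decision for each step of a multi-system action chain.
    return [(a, authorize(agent, a)) for a in actions]


# Constructed sample data (hypothetical scopes and agent names).
ORCHESTRATOR = Agent("orchestrator",
                     frozenset({"crm:read", "billing:refund", "email:send"}))
CHAIN = ["crm:read", "billing:refund", "email:send"]

if __name__ == "__main__":
    inherited = spawn_inherited(ORCHESTRATOR, "summarizer")
    attenuated = spawn_attenuated(ORCHESTRATOR, "summarizer", {"crm:read"})
    print("inherited :", run_chain(inherited, CHAIN))
    print("attenuated:", run_chain(attenuated, CHAIN))
```

Both sub-agents are equally "authenticated"; only the attenuated one is stopped at the refund and email steps.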