
#422 - Decoded - Securing AI Agents with Standards You Already Have
Show notes
Episode 422 is the debut of Decoded by Identity at the Center, a new sub-series hosted by Jeff Steadman and Sean O'Dell dedicated to unpacking the specifications and standards powering IAM. Joining them is Pieter Kasselman, VP of Open Standards at Defakto and chair of the WIMSE working group. The conversation covers why traditional non-human identity approaches break at agentic scale, how SPIFFE and SPIRE enable short-lived automated credential provisioning without long-lived secrets, and why treating agents as workloads unlocks a decade of existing standards. Pieter walks through critical OAuth specs including JWT authorization grant, token exchange, client ID metadata, and the emerging transaction tokens draft. Sean connects these to practical gateway architecture, continuous access evaluation, and policy-based authorization. The episode closes with real-world deployment examples and a clear takeaway: the tools to secure agentic identity are available today.
Episode Links:
Pieter Kasselman: https://www.linkedin.com/in/pieter-kasselman-0259862/
AI Agent Authentication and Authorization: https://datatracker.ietf.org/doc/draft-klrc-aiagent-auth/
Workload Identity in Multi-system environments (WIMSE): https://ietf-wg-wimse.github.io/
OAuth SPIFFE Client Authentication: https://datatracker.ietf.org/doc/draft-ietf-oauth-spiffe-client-auth/
Transaction Tokens: https://datatracker.ietf.org/doc/draft-ietf-oauth-transaction-tokens/08/
Agentic Identity Control Framework. You Already Have the Pieces. Now Build It. by Sean O'Dell: https://www.linkedin.com/pulse/agentic-identity-control-framework-you-already-have-pieces-o-dell-61b5e/
Timestamps:
00:00 Introduction to Decoded by Identity at the Center
00:13 The mission of the Decoded sub-series
03:02 Guest intro: Pieter Kasselman, VP of Open Standards at Defakto
06:21 Why agentic identity is urgent: scale, multi-platform, and shifting threat landscape
10:42 The real cost of API keys and credential sprawl in agentic systems
13:23 Agentic identity identifiers and how SPIFFE assigns unique workload IDs
21:00 Credential types: X.509, JWTs, and workload identity tokens
31:00 Connecting SPIFFE to OAuth and dynamic registration with client ID metadata
38:18 SPIFFE SVIDs, multiple credentials per agent, and governance traceability
41:44 Authentication versus authorization: delegation versus impersonation
47:00 Transaction tokens: binding access to specific transactions to stop token theft
51:21 Identity chaining and cross-domain authorization
55:00 Shared Signals Framework and dynamic authorization
57:00 Gateways, CAEP, and mid-flight token revocation for rogue agents
59:31 What you can deploy today with SPIFFE, OAuth, and existing IDPs
01:02:58 Policy-based access control and why instance-level governance cannot scale
01:04:58 Workload identity federation: Anthropic and Google Agent ID updates
01:07:13 Cross-platform federation and the law of agentic utility
01:11:55 Elevator pitch: agents are workloads and 95% of the problem is solved now
01:17:03 What is coming next: a transaction tokens deep dive
Keywords:
agentic identity, SPIFFE, SPIRE, OAuth, transaction tokens, Shared Signals Framework, WIMSE, workload identity, non-human identity, authorization delegation, JWT, CAEP, API gateway, IAM standards, AIMS, Jeff Steadman, Sean O'Dell, Pieter Kasselman, IDAC, Identity at the Center, Jim McDonald, Decoded by Identity at the Center
Decoded by Identity at the Center:
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Sean O'Dell: https://www.linkedin.com/in/seanodentity/
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Visit the show on the web at https://idacdecoded.com/