The AI Agent Identity Landscape: Seven Lanes, 38 Players, One Question
How a category that barely existed a year ago became one of the most crowded layers in the AI stack.
A year ago, almost no one said the phrase “agent identity.” Today it names one of the most crowded layers in the entire AI stack. I mapped the field and stopped counting at 38 distinct products, protocols, and standards bodies, and the count keeps climbing every month.
Microsoft, AWS, Google, Salesforce, Okta, IBM, CyberArk, and Palo Alto are all in it. A wave of venture-backed startups is in it. The standards bodies have arrived. Every one of them circles the same question: who is this agent, and what is it allowed to do?
Why agent identity became a land rush
The trigger is simple. Agents now call tools, hit APIs, and talk to other agents on their own, and every one of those calls has to authenticate. The identity systems we built over the last twenty years assume a person sits at the keyboard. An agent breaks that assumption. It runs unattended, acts on someone else’s behalf, spins up and disappears in seconds, and can fan out into dozens of copies of itself.
Two forces poured fuel on this. First, the number of non-human identities in the average enterprise already dwarfs the number of humans, and agents bend that curve hard. Second, the new agent protocols, MCP and A2A among them, dragged the question into the open: the moment an agent connects to a server it has never met, someone has to answer for who it is. A category that barely existed became a land rush.

Seven lanes of the agent identity market
The thirty-eight players sort into seven lanes. The lane matters more than the logo, because the lane decides which problem the product actually solves.
Enterprise IAM / IGA. The identity incumbents, extending human governance to agents.
- Microsoft Entra Agent ID: agent identities native to Entra ID and Copilot
- Okta / Auth0 for AI Agents: verifiable agent IDs with dynamic, Zero-Trust authentication
- SailPoint Agent Identity Security: unified IGA governance for agents beside humans
- Saviynt Identity Security for AI: a control plane for agents, MCP servers, and tools
- Ping Identity Agentic IAM: trusted runtime identities with human oversight
- Strata Maverics: orchestrates agent identity across every IdP
- Akeyless AI Agent IdP: first-class agent IDs with no embedded secrets
- WSO2 Agent ID: registers every agent with verifiable credentials
- IBM Agentic AI Identity: scoped delegation traced back to a human
- CyberArk Secure AI Agents: privileged access and secrets, extended to agents
- Idira (Palo Alto Networks): discovers and governs agents as a new identity class
Cloud & Workload Identity. The hyperscalers and workload-identity players, treating agents as workloads.
- AWS Bedrock AgentCore Identity: workload identities and brokered tokens for agents
- Salesforce Agentforce / MuleSoft: trusted agent identity propagated at the gateway
- Cloudflare Agents / MCP: edge authorization and hosting for agents and MCP
- SPIFFE / SPIRE: attested workload identities (SVIDs) for non-human workloads
- Aembit: secretless, just-in-time access for agent workloads
- HashiCorp Vault: dynamic short-lived credentials for agent workloads
Developer / CIAM Auth. The auth platforms, issuing OAuth and MCP credentials to agents.
- Descope Agentic Identity Hub: a dedicated identity provider for agents and MCP servers
- Stytch (a Twilio company): an OAuth 2.1 authorization server for agents and MCP
- Ory: open-source OAuth 2.1 identity for agents
- WorkOS: developer auth for AI agents and MCP servers
Non-Human Identity Security. The security vendors, discovering and governing agents as non-human identities.
- Astrix Security: discovers and governs shadow agents and non-human identities
- Token Security: machine-first identity security for agents and NHIs
- Oasis Security: lifecycle and posture for agent non-human identities
Decentralized / DID. The self-sovereign approaches, making agent identifiers portable across organizations.
- Indicio ProvenAI: decentralized IDs and verifiable credentials for agents
- ArcBlock: blockchain-anchored DIDs for agents by default
- Agent 402: decentralized identity, payments, and discovery for agents
- agent-did: an open-source DID and VC toolkit for agents
Protocols & Standards. The wire-level specifications that define how agents identify and talk.
- Model Context Protocol (MCP): the tool-connectivity standard that drives agent auth
- Google A2A (Agent2Agent): signed Agent Cards for cross-vendor interoperability
- Agent Transfer Protocol (AGTP): cryptographic canonical identity, certificates, and Agent Name Service (ANS)
- Agent Auth (AAuth): cryptographic, first-class identity per agent
- W3C DID + VC: the foundational standard most agent IDs build on
- Alibaba Open Agent Auth: cryptographic identity bound to agent operations
- AGNTCY (Cisco Outshift): an identity and scope framework for multi-agent systems
Governance & Standards Bodies. The institutions writing the rules everyone else implements.
- NIST AI Agent Standards Initiative: a US standards effort for agent identity and security
- CoSAI Principles for Agentic IAM: industry principles for human-governed agents
- OWASP NHI Top 10 / Agent Name Service (ANS): risk baselines plus a DNS-like agent name service
What the map tells you
Two things, and they pull in opposite directions.
The first is convergence. The entire industry now agrees that agents need a first-class identity of their own, separate from the humans they serve and the apps they run inside. A year ago that was a thesis. Today there are endless options, all vying to be a standard. When incumbents, startups, and regulators arrive at the same layer at the same moment, the layer is real.
The second is fragmentation. Seven lanes carry the same headline and solve different problems beneath it. Enterprise IAM governs the agent lifecycle. Workload-identity players authenticate the running process. CIAM platforms mint and verify tokens. The non-human-identity security vendors find the agents already loose in your environment. Decentralized approaches make the identifier portable across organizations. Protocols define how identity travels on the wire. Standards bodies write the rules everyone else implements. A buyer who picks a “market leader” before naming the lane buys the wrong solution shape.
This is why the marketing blurs together. Read ten of these sites, and you will meet the same sentence ten times: first-class identity for every agent. The slogan is identical; the substance lives in the lane and the layer. So start there. Decide whether your real problem is discovery, issuance, interoperability, or governance, then shop the lane that owns it. The differentiator you care about is rarely the one on the homepage.
The layer the map is missing
Look across all seven lanes, and one fact stands out. In every case, the thing being verified is the identifier. A key. A token. A signed Agent Card. A discovered credential. And verifying the identifier is rapidly becoming table stakes.
The harder questions sit one layer up. What authority does this agent actually carry? Who delegated it, how far does it reach, and what constrains the agent once it starts acting? An identifier confers a name. It says nothing about conduct. A verified agent holding a valid token can still take an action no one intended, and the badge it carries will pass every check along the way.
I have argued elsewhere that an identity layer has no way to certify what an agent is, since the field shares no testable definition of one. This map is the other half of that argument. The industry has built impressive machinery for naming agents and very little for governing them. The open ground is the behavioral layer: self-describing identity paired with discovery, an honest account of what each agent claims to be, and a runtime conscience that judges conduct rather than credentials. That is where the next thirty-eight companies will compete.
So before the next agent identity pitch wins your budget, ask the one question the whole map dances around: once a tool has named the agent, what governs what that agent is allowed to do?
Chris Hood is an AI strategist and author of the #1 Amazon Best Seller Infailible and Customer Transformation, and has been recognized as one of the Top 30 Global Gurus for Customer Experience. His latest book, Unmapping Customer Journeys, is available now!