Runtime authorization for agents
A security firm says traditional login controls aren't enough once AI agents act autonomously, and it published a runtime‑authorization approach that governs what agents can do while they run rather than just who logged in at the start. The write‑up frames this as a new layer of identity-and-access control for agentic software deployments, aimed at tighter, action‑level governance in regulated workflows. (computerworld.com)
Artificial intelligence agents can log in with valid credentials and still take the wrong action later, which is why Curity is pushing “runtime authorization” that checks each step as it happens. (computerworld.com) Curity announced a product called Access Intelligence on April 15, 2026, and said it is built into the Curity Identity Server to control what enterprise agents can access and do in real time. The company said the system targets agents that call application programming interfaces, Model Context Protocol servers, and other agents. (curity.io) The basic problem is that older identity-and-access systems were built for a person or app that signs in once and then keeps a stable session. Curity’s pitch is that agents behave differently because they can chain tool calls, switch tasks, and make decisions after the initial login. (computerworld.com) Curity told Computerworld it treats an agent as a special kind of application and uses OAuth tokens not just to prove identity but to carry the agent’s stated purpose. In that model, access is granted at runtime, with a separate token describing the action the agent wants to take. (csoonline.com) In plain terms, this is closer to checking every purchase on a company card than checking only who opened the wallet that morning. Curity says high-risk actions can be denied, masked, or routed for human approval instead of running automatically. (curity.io; techcommunity.microsoft.com) The timing reflects a wider industry scramble to govern agents after they move from chat interfaces into business workflows. The National Institute of Standards and Technology asked for public input in February 2026 on agent identification, authorization, auditing, non-repudiation, and controls against prompt injection. (nist.gov) Other vendors are framing the same gap in similar terms. Microsoft wrote last week that identity is necessary for agents but that safe autonomy also needs a runtime decision layer that can allow, deny, require approval, or mask data before a tool executes. (techcommunity.microsoft.com) Security vendors and industry groups have also started warning that agents can become privilege-bypass paths when they inherit broad permissions inside companies. HashiCorp said in March that legacy identity-and-access methods do not map cleanly to agentic systems, and the Cloud Security Alliance published an agent security checklist that includes authorization and token controls. (hashicorp.com; cloudsecurityalliance.org) Curity’s argument is not that login controls are obsolete; it is that they are incomplete once software starts acting on its own after login. As more companies put agents into regulated finance, health, and operations workflows, the fight is shifting from “who signed in” to “what the agent is allowed to do next.” (computerworld.com; curity.io)
