Workload identity has been a serviceable solution for service-to-service authentication. It is not a serviceable solution for an enterprise running thousands of autonomous agents, each with its own role, scope, and trust relationship: a credential issued to the workload says nothing about which agent inside it acted.
What changes
Identity becomes a first-class asset of the AI platform. Lifecycle, scoping, and revocation must work at agent granularity. Audit trails must record actions at the identity level — not the workload level.
Architecture pattern
The most credible architectures we see combine workload identity, ephemeral credentials, and policy-as-code into a single agent-identity plane — operated by the platform team, audited by the security team, and consumed by the engineering teams.
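The following is an added illustration of the two points above (agent-granular lifecycle and revocation with identity-level audit, and the combined agent-identity plane); it is not code from the original post or from any product. It models the plane as a small Python class: the host workload is only context, each agent receives its own short-lived HMAC-signed credential, scope comes from a policy table written as code, revocation targets one agent without affecting others on the same workload, and every decision is logged with the agent as principal. All identifiers, the policy rules and the clock values are constructed for the demo.

```python
"""Toy agent-identity plane (added example; all names hypothetical)."""
import fnmatch
import hashlib
import hmac
import json
import secrets
from dataclasses import dataclass, field
from typing import Callable

# Policy-as-code: allowed (action, resource-glob) pairs per agent role.
# Constructed sample policy; a real one would live in version control.
POLICY = {
    "ticket-reader": [("read", "tickets/*")],
    "ticket-triager": [("read", "tickets/*"), ("update", "tickets/*")],
}


@dataclass
class IdentityPlane:
    signing_key: bytes
    clock: Callable[[], int]          # injected so expiry is testable
    ttl_seconds: int = 300            # credentials are ephemeral by default
    revoked: set = field(default_factory=set)
    audit_log: list = field(default_factory=list)

    def _sign(self, body: str) -> str:
        return hmac.new(self.signing_key, body.encode(), hashlib.sha256).hexdigest()

    def issue(self, workload_id: str, agent_id: str, role: str) -> str:
        """Mint a short-lived credential bound to one agent, not to its host workload."""
        if role not in POLICY:
            raise ValueError(f"unknown role {role!r}")
        claims = {"wl": workload_id, "agent": agent_id, "role": role,
                  "exp": self.clock() + self.ttl_seconds, "jti": secrets.token_hex(8)}
        body = json.dumps(claims, sort_keys=True)
        self._audit(agent_id, workload_id, "issue", role, "ok")
        return body + "." + self._sign(body)

    def revoke(self, agent_id: str) -> None:
        """Revocation works at agent granularity; sibling agents keep their access."""
        self.revoked.add(agent_id)
        self._audit(agent_id, "-", "revoke", "-", "ok")

    def authorize(self, token: str, action: str, resource: str) -> bool:
        """Check signature, expiry, revocation, then policy; log the decision."""
        body, _, sig = token.rpartition(".")
        if not hmac.compare_digest(sig, self._sign(body)):
            self._audit("?", "?", action, resource, "deny:bad-signature")
            return False
        claims = json.loads(body)
        agent, wl, role = claims["agent"], claims["wl"], claims["role"]
        if self.clock() >= claims["exp"]:
            reason = "deny:expired"
        elif agent in self.revoked:
            reason = "deny:revoked"
        elif any(action == a and fnmatch.fnmatch(resource, r)
                 for a, r in POLICY.get(role, [])):
            reason = "ok"
        else:
            reason = "deny:policy"
        self._audit(agent, wl, action, resource, reason)
        return reason == "ok"

    def _audit(self, agent_id, workload_id, action, target, outcome):
        # The agent is the principal in every record; the workload is only context.
        self.audit_log.append({"agent": agent_id, "workload": workload_id,
                               "action": action, "target": target,
                               "outcome": outcome, "t": self.clock()})


def demo() -> dict:
    """Two agents on one workload: scoping, per-agent revocation, expiry, audit."""
    now = [1_000]                      # constructed clock, seconds
    plane = IdentityPlane(signing_key=b"constructed-demo-key", clock=lambda: now[0])
    a1 = plane.issue("svc-support", "agent-1", "ticket-reader")
    a2 = plane.issue("svc-support", "agent-2", "ticket-triager")
    results = {
        "a1_read": plane.authorize(a1, "read", "tickets/42"),
        "a1_update": plane.authorize(a1, "update", "tickets/42"),
        "a2_update": plane.authorize(a2, "update", "tickets/42"),
    }
    plane.revoke("agent-2")           # only agent-2 loses access
    results["a2_after_revoke"] = plane.authorize(a2, "read", "tickets/42")
    results["a1_after_a2_revoke"] = plane.authorize(a1, "read", "tickets/42")
    now[0] += 301                     # past the 300 s TTL
    results["a1_expired"] = plane.authorize(a1, "read", "tickets/42")
    results["principals"] = sorted({e["agent"] for e in plane.audit_log})
    return results


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The point to notice is in the audit log: both agents share the workload `svc-support`, yet every record names the agent as principal, and revoking `agent-2` leaves `agent-1` untouched. Replacing the HMAC token with the organisation's real workload-identity mechanism and the `POLICY` dict with a policy engine does not change that structure.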