Full Report
AI agents are becoming a new class of enterprise identity—and most platforms weren’t built for them
Analysis Summary
# Industry News: The Agentic AI Identity Shift
## Summary
The rapid emergence of "Agentic AI"—autonomous non-human identities (NHIs) capable of independent reasoning and execution—is overwhelming legacy Identity and Access Management (IAM) systems. As these agents begin to outnumber human users and operate at machine speed, organizations must transition to microservices-based, sovereign identity platforms to maintain security and regulatory compliance.
## Key Details
- **Date:** April 16, 2026
- **Companies Involved:** Broadcom (Authoring entity), IDC, Capgemini, Fortune Business Insights
- **Category:** Market Trend Analysis / Strategic Product Positioning
## The Story
The enterprise is moving beyond simple automation toward "agentic" systems. Unlike traditional chatbots, AI agents independently formulate plans, spawn sub-agents, and cross data boundaries to execute complex workflows. Current IAM infrastructures, built for human login sessions and point-in-time authentication, are proving inadequate for this shift.
The core challenge lies in the "action" phase of AI: agents operate 24/7 without human intervention, creating a massive influx of non-human identities. These agents require short-lived, task-specific tokens and continuous risk assessment rather than static permissions. Furthermore, the "agent-to-sub-agent" hierarchy creates complex execution chains that legacy systems struggle to track, leading to significant gaps in auditability and governance.
## Business Impact
### For the Companies Involved
- **Broadcom/IAM Providers:** Positioned to capture the migration market as enterprises "repatriate" identity services from opaque SaaS models to sovereign, scalable microservices.
### For Competitors
- **Legacy & Rigid SaaS IAM:** These providers face a high risk of churn (and "sinking") if they cannot offer the low-latency, high-concurrency architecture required by machine-speed agents.
### For Customers
- **Operational Efficiency:** Successful adoption of Agentic AI can enhance 40% of enterprise applications by 2027.
- **Risk Management:** Organizations must balance the productivity of AI with the risk of "identity overreach" where an agent accesses data beyond its specific task.
### For the Market
- **Explosive Growth:** The agentic AI market is projected to grow 15x by 2034.
- **Sovereignty Focus:** Increased demand for "in-country" and single-tenant deployments to comply with the EU AI Act and DORA.
## Technical Implications
- **Microservices Architecture:** Monolithic IAM systems cannot scale for the thousands of API calls generated by parallel agent clusters; auto-scaling microservices are becoming mandatory.
- **Continuous Adaptive Trust:** Transitioning from "log-in" events to real-time behavioral monitoring to detect when an agent's intent drifts from its baseline.
- **Short-Lived Tokens:** Moving toward modern frameworks that issue scoped, temporary credentials for specific sub-tasks to mitigate the "blast radius" of a compromised agent.
## Strategic Analysis
- **Market Positioning:** Identity is shifting from a "gatekeeper" function to the "connective tissue" of the autonomous enterprise.
- **Competitive Advantage:** Early adopters of agentic-ready IAM will benefit from faster AI deployment cycles and lower Total Cost of Ownership (TCO) through architectural efficiency.
- **Challenges:** Regulatory friction (EU AI Act, DORA) and the technical debt of legacy "point-in-time" authentication systems.
## Industry Reactions
- **IDC/Capgemini:** Note a shift from experimentation to a "critical business imperative."
- **Analyst View:** There is a growing "sovereignty anxiety" among IT leaders who realize they have lost control over where identity data lives in traditional SaaS models.
## Future Outlook
- **Identity Tsunami:** Expect a massive surge in non-human identities (NHIs) that will eventually dwarf the human user base in most corporate directories.
- **Traceability focus:** The next generation of tools will focus on providing a "chain of evidence" for autonomous decision-making to satisfy auditors.
## For Security Professionals
Practitioners should prioritize auditing their current IAM capacity for machine-speed requests. If your platform relies on synchronous, monolithic updates, it will likely fail under agentic workloads. Focus on implementing **Non-Human Identity (NHI) management** and exploring **sovereign deployment models** to ensure that autonomous agents don't bypass security boundaries or violate data residency laws.