TLDR: Descope has significantly upgraded its Agentic Identity Hub, introducing advanced policy-based security guardrails designed to secure AI agents throughout their lifecycle. This enhancement provides critical identity management, scope-based access control, and comprehensive monitoring capabilities for AI systems.
Descope, a prominent external Identity and Access Management (IAM) platform, announced on August 4, 2025, a major enhancement to its Agentic Identity Hub. This upgrade introduces robust policy-based security guardrails specifically tailored for AI agents, addressing the growing need for secure and governed AI operations within enterprises. The Agentic Identity Hub is positioned as an industry-first “Agentic Identity Control Plane,” offering a comprehensive suite of tools for managing the identity and access of AI agents across their entire lifecycle.
The core of this enhancement lies in its ability to provide scope-based access control, continuous monitoring, and streamlined identity management for AI systems. As AI agents become increasingly integrated into enterprise and consumer workflows, organizations face significant challenges in ensuring secure connectivity to external SaaS tools and properly authenticating AI agents with appropriate access levels and human oversight. Descope aims to mitigate these risks, including identity spoofing, tool misuse, and privilege compromise, which are critical concerns highlighted in frameworks like the OWASP Top 10 for GenAI.
Originally launched in April 2025, the Agentic Identity Hub was designed to solve authentication and authorization complexities for AI agents, systems, and workflows. Key features at its initial release included enabling applications to become “agent-ready” with user consent, providing agents with scalable connectivity to over 50 third-party tools and enterprise systems, and offering purpose-built authorization APIs and SDKs to protect remote Model Context Protocol (MCP) servers.
According to Slavik Markovich, Co-founder and CEO of Descope, “As AI systems make our lives easier, we must ensure the lives of developers building AI don’t become harder.” He emphasized that the Agentic Identity Hub provides developers with tools to focus on AI system development and fine-tuning, rather than the intricacies of authentication and access control. Markovich further stated that “True enterprise AI adoption won’t happen without a robust, interoperable identity infrastructure working behind the scenes, and we’re excited to be a part of that infrastructure.”
The platform’s technical architecture addresses the unique challenges of machine-to-machine interactions on behalf of users. It includes “Inbound Apps” capabilities, allowing applications and APIs to become agent-compatible via OAuth-based authentication with user consent screens. This ensures users retain control and visibility over the data and actions an AI agent can access. The “Outbound Apps” functionality simplifies how AI agents connect with external tools, offering pre-built templates for over 50 integrations and managing tokens with different permission scopes. Additionally, MCP Auth SDKs and APIs secure remote MCP servers.
Also Read:
- AWS Enhances AI Agent Capabilities with New Bedrock AgentCore Tools
- Composio’s Adaptive AI Agents Revolutionize Tool Integration, Overcoming Development Hurdles
Descope’s no-code/low-code external IAM solution is already utilized by hundreds of organizations, including GoFundMe, Databricks, Navan, and You.com, to enhance customer experience, prevent account takeover, and gain a 360-degree view of both customer and machine identities. The recent FedRAMP High Authorization achieved by Descope in July 2025 further underscores its commitment to providing secure and compliant identity management solutions, including for government agencies looking to adopt agentic AI with robust identity guardrails.
