Descope Enhances Agentic Identity Hub To Provide Policy-Based Security Guardrails for AI Agents

The industry-first Agentic Identity Control Plane delivers scope-based access control, monitoring, and identity management across the AI agent lifecycle

Descope, the drag & drop external IAM platform, today announced the launch of Agentic Identity Control Plane, an industry-first solution that enables security teams to institute policy-based governance, auditing, and identity management for their AI agent and Model Context Protocol (MCP) ecosystems. The Agentic Identity Control Plane builds on top of the existing Descope Agentic Identity Hub to mark a huge step forward in Descope’s vision of becoming the identity provider for AI agents.

As AI agents, LLMs, and MCP servers continue gaining rapid adoption, security leaders grow increasingly concerned about unauthorized AI agent adoption, which can lead to an increased attack surface, risk compliance issues, and pave the way for rogue AI agents gaining escalated privileges. A survey of 400+ CIAM decision-makers commissioned by Descope found that 57% of respondents feel worried about AI agents accessing unauthorized data or sharing data with unauthorized users. Identity management is critical to the secure adoption of agentic AI, as evidenced by the fact that 5 of the OWASP Top 10 Threats for GenAI have authentication and authorization related mitigations.

Also Read: AiThority Interview with Suzanne Livingston, Vice President, IBM Watsonx Orchestrate Agent Domains

The Descope no / low code external IAM platform helps organizations easily create, modify, and manage identity journeys for their consumers, business customers, partners, AI agents, and MCP servers using visual workflows. Hundreds of customers including GoFundMe, Databricks, Navan, and You.com use Descope to enhance customer experience, help prevent account takeover, and get a 360 view of their customer and machine identities.

In April 2025, Descope announced Agentic Identity Hub, a suite of capabilities that solves authentication and authorization challenges for developers building AI-compatible APIs, remote MCP servers, and AI agents. Today’s release further enhances Descope’s agentic identity offering and provides enterprise security teams with critical oversight into identity management and governance for both internal and external-facing AI systems.

The capabilities announced today enable:

• Scope-based access control through a policy engine to tightly control how AI agents and MCP clients / servers access corporate resources. Security teams can restrict AI agent access to specific scopes within specific third-party tools, as well as enact policies based on user roles and hierarchies.

• Enterprise-grade monitoring and auditing capabilities to help security teams gain visibility over their AI agent risk surface, spot access control errors and misconfigurations, and identify potential rogue AI agents before they do damage.

• End-to-end identity lifecycle management for AI agents, including dynamic and static AI agent registration, configurable user consent flows, granular authorization scopes, token management and storage, and visibility into how AI agent identities and human identities are linked.

“No CISO wants to block the adoption of agentic AI and MCP at their company, but they are taking on an increased risk responsibility with every new AI agent or MCP server created within their organization or connecting with their products,” said Slavik Markovich, Co-founder and CEO of Descope. “The Agentic Identity Control Plane delivers easy to use and comprehensive policy control and monitoring tools that security teams need for secure, scalable AI adoption.”

Also Read: C-Gen.AI Emerges from Stealth to End Infrastructure Limitations Affecting AI Workloads

To cultivate further adoption of secure agentic identity infrastructure within AI systems, Descope is hosting its inaugural Global MCP Hackathon from August 12 to September 8. Interested AI developers and tech leaders can RSVP for the hackathon opening night event here.

Resources

• Blog: https://www.descope.com/blog/post/agentic-identity-control-plane

• Descope for AI: https://www.descope.com/use-cases/ai

• Descope AI demo microsite: https://descope.ai

• Global MCP Hackathon: https://globalmcphackathon.com/

Descope is a drag & drop platform to help organizations manage all their external identity journeys. Our no / low code solution helps organizations create, modify, and secure authentication and authorization journeys for end users, business customers, partner applications, AI agents, and MCP servers. Hundreds of businesses use Descope to improve customer experience, prevent account takeover, and get a 360 view of their customer and machine identities.