Descope Launches Agentic Identity Control Plane to Secure AI Agent Identities

Descope has launched the Agentic Identity Control Plane, a solution designed to enable security teams to implement policy-based governance, auditing, and identity management for AI agents and Model Context Protocol (MCP) ecosystems. This new platform builds upon the existing Descope Agentic Identity Hub and marks a significant advancement in Descope’s vision to become the identity provider for AI agents. As AI agents, large language models (LLMs), and MCP servers see rapid adoption, security leaders are increasingly concerned about unauthorized AI agent usage. Such unauthorized adoption can expand the attack surface, introduce compliance risks, and allow rogue AI agents to gain escalated privileges. A survey of over 400 CIAM decision-makers commissioned by Descope revealed that 57% of respondents worry about AI agents accessing or sharing data without proper authorization. Identity management is critical for secure agentic AI adoption, supported by the fact that five of the OWASP Top 10 Threats for GenAI involve authentication and authorization mitigations. Descope’s no-code/low-code external IAM platform helps organizations easily create, modify, and manage identity journeys for consumers, business customers, partners, AI agents, and MCP servers through visual workflows. Hundreds of customers, including GoFundMe, Databricks, Navan, and You.com, leverage Descope to enhance customer experience, prevent account takeover, and gain comprehensive visibility into customer and machine identities. In April 2025, Descope announced the Agentic Identity Hub, a suite of capabilities addressing authentication and authorization challenges for developers building AI-compatible APIs, remote MCP servers, and AI agents. The Agentic Identity Control Plane released today further enhances these offerings by providing enterprise security teams with critical oversight into identity management and governance for both internal and external AI systems.

Key Capabilities of the Agentic Identity Control Plane

• Scope-based Access Control: A policy engine enables tight control over how AI agents and MCP clients/servers access corporate resources. Security teams can restrict AI agent access to specific scopes within third-party tools and enforce policies based on user roles and hierarchies.
• Enterprise-grade Monitoring and Auditing: Provides visibility into the AI agent risk surface, helps detect access control errors and misconfigurations, and identifies potential rogue AI agents before they cause damage.
• End-to-End Identity Lifecycle Management: Supports dynamic and static AI agent registration, configurable user consent flows, granular authorization scopes, token management and storage, and visibility into the relationships between AI agent identities and human identities.
Slavik Markovich, CEO of Descope, stated, “No CISO wants to block the adoption of agentic AI and MCP at their company, but they are taking on an increased risk responsibility with every new AI agent or MCP server created within their organization or connecting with their products. The Agentic Identity Control Plane delivers easy to use and comprehensive policy control and monitoring tools that security teams need for secure, scalable AI adoption.”

---

Source: Originally published at Help Net Security on August 6, 2025.

Frequently Asked Questions (FAQ)

What is the Agentic Identity Control Plane?

The Agentic Identity Control Plane is Descope's new solution for security teams to manage, govern, and audit the identities of AI agents and Model Context Protocol (MCP) ecosystems.

Why is identity management critical for AI agents?

As AI agents and LLMs become more prevalent, concerns about unauthorized access and potential security risks increase. Proper identity management is crucial to mitigate these risks, prevent expanded attack surfaces, and ensure compliance.

What are the key benefits of Descope's new platform?

The Agentic Identity Control Plane offers scope-based access control, enterprise-grade monitoring and auditing, and end-to-end identity lifecycle management for AI agents.

How does Descope's platform help organizations?

Descope's no-code/low-code external IAM platform allows organizations to easily manage identity journeys for various entities, including AI agents and MCP servers, enhancing customer experience and security.

What is the significance of the Agentic Identity Control Plane in Descope's vision?

This launch signifies Descope's continued commitment to becoming the leading identity provider for AI agents, further enhancing their existing Agentic Identity Hub.

Crypto Market AI's Take

The launch of Descope's Agentic Identity Control Plane directly addresses a burgeoning concern within the AI and cybersecurity landscapes: the secure management of AI agent identities. In an era where AI is increasingly integrated into business operations, ensuring that these agents have clearly defined, controlled, and auditable identities is paramount. This is particularly relevant in sectors that handle sensitive data, such as finance and healthcare. Our platform, AI Crypto Market, recognizes the critical need for robust security and identity management in all aspects of the digital economy. As we explore the intersection of AI and finance, understanding solutions like Descope's is vital for building trust and ensuring the safe adoption of advanced technologies.

More to Read:

• AI Agents: Capabilities, Risks, and Growing Role
• Understanding Model Context Protocol (MCP) and Why Publishers Should Care
• The Importance of AI Security in Financial Services