Identiverse is coming next week, and AuthZed will be a sponsor. We're excited for this year, because the agenda really nails the topics we've been discussing with customers and partners over the past few months.
Authorization as a meta-theme
Looking at the four Workshops and Summits, three of them—Non-Human Identity (NHI), AI Identity, and Continuous Identity—made it obvious what's on people's minds. These are three takes on the same problem: the fundamental assumptions of identity and access management for the last two decades have collapsed, and they're exposing an awful lot of sloppiness that was "good enough" in a pre-agentic world.
If there were ever a time to decouple Identity from Access Management in our brains, it's now. The "Continuous" in Continuous Identity is telling. When you need to re-evaluate trust on an ongoing basis, you're continually asking the same question: given everything we know right now, should this actor be allowed to do this thing? That's authorization, which is why we're so excited to be part of the discussion.
Identity is necessary. It's not sufficient.
Let's be clear. Identity / authentication is essential. We can't even discuss what you're allowed to do until we know who you are. But the issues surfacing at Identiverse this year—identity sprawl, machine-to-machine trust, the governance of autonomous agents—are all, at their core, authorization problems wearing identity hats.
A holistic problem requires a holistic solution, and the architecture that can support it looks less like a centralized identity store and more like a purpose-built authorization layer—one that can:
- Handle high-volume, low-latency decisions across non-human and human actors
- Model complex, relationship-driven access policies (not just flat roles)
- Evaluate permissions in real time, incorporating current context
- Scale to the volume that modern, agentic systems demand
Relationship-Based Access Control (ReBAC) is particularly well-suited here. It can natively represent the kinds of nested, hierarchical, and contextual relationships that real systems have, and that AI agents increasingly need to navigate. When an agent is acting on behalf of a user, who has access to a resource owned by a team, within a tenant with its own policies... that's a graph problem. ReBAC is designed for graph problems.
Come find us at booth SU02 in Startup Alley
We have a lot more to say on this, and we'll be sharing more in the near future. In the meantime, if you're heading to Identiverse, we'd love to connect. And if you're looking for your next role, we're hiring!