Vendors Race to Build the Identity Stack for Agentic AI
Traditional identity and access management was designed for humans making deliberate choices — a person typing a password, approving a login prompt, consciously accepting a permission scope. It was never architected for autonomous agents that chain dozens of API calls per second, inherit credentials from orchestrators, and act on behalf of principals who may not even be monitoring the session. That foundational mismatch is now a race condition, and a wave of vendors are sprinting to close it.
A new survey published today by Biometric Update maps the emerging competitive landscape: Ping Identity, Wink, Vouched, Saviynt, and Dock Labs are each attacking the problem from different angles. Dock Labs' approach is particularly ambitious — it layers MCP servers with A2A and AP2 protocols on top of W3C Verifiable Credentials and OpenID for Verifiable Credentials (OID4VC), aiming to cover the full agent transaction lifecycle from initial authorization through action audit. The goal is a credential that travels with the agent rather than being re-verified at every hop.
For developers shipping production systems on LangGraph, CrewAI, or the OpenAI Agents SDK, this analysis is a useful map of what's coming. None of the major frameworks currently bake identity primitives in as first-class citizens — they delegate that problem outward. As agents gain broader permissions and operate across organizational boundaries, that delegation will need to resolve somewhere. The identity layer is being built now, and the vendors building it are betting teams will need it before the year is out.