"Traditional identity infrastructure assumes a person in a browser. In our systems we also have workloads and agents that need to authenticate, prove identity, and receive scoped authorization.
We found that we needed our agents to use the best available authentication primitive to speak to services and other agents. Often this was a SPIFFE SVID attested by a cloud attestor, but not always. We needed one API that yields a credential + proof + scope across {OIDC, SPIFFE, ...}, and could mix and match multiple token types for different levels of sensitivity. And for all of this, we needed to do so in a way that would be fluent and intuitive to a coding agent.
StrongDM ID treats humans, workloads, and AI agents as first-class principals. They share one trust model, one token format, and one authorization framework.
What Makes It Agentic?
Programmatic Onboarding
Agents can register with a realm and acquire credentials without human intervention
Evidence-Based Identity
Platform attestation (Kubernetes, AWS, Azure, macOS) can replace shared secrets for identity proof
Federated by Default
Use any identity provider the principal already has: Google, Microsoft, Apple, or custom
Bootstrap Defaults
Self-bootstrapping trust domains and certificate authorities with defaults we can audit and change