))
#390 - Identity Management for Agentic AI with Tobin South
Manage episode 523261862 series 3201233
Content provided by Identity at the Center. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Identity at the Center or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
In this episode of the Identity at the Center Podcast, hosts Jeff and Jim sit down with Tobin South, co-chair of the OpenID Foundation's AI Identity Management Community Group, to delve into the intricacies of identity management in the age of agentic AI. They discuss the challenges and solutions related to AI agents, the role of the Model Context Protocol (MCP), and the concept of recursive delegation and scope attenuation. Additionally, the conversation covers practical advice for developers and enterprises on preparing for AI-driven identity management and explores the cultural touchstone of coffee from various global perspectives.
Connect with Tobin: https://www.linkedin.com/in/tobinsouth/
OpenID Foundation: https://openid.net/
Identity Management for Agentic AI (OpenID Whitepaper): https://openid.net/wp-content/uploads/2025/10/Identity-Management-for-Agentic-AI.pdf
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
Chapter Timestamps:
00:00 – Jeff and Jim banter about unopened iPads and conference season
05:55 – Introduction to Tobin South and his AI identity background
07:00 – How AI has evolved from machine learning to generative models
09:00 – The OpenID AI Identity Management Community Group
10:30 – ChatGPT’s impact on the AI perception shift
12:00 – Users vs. Agents: What’s the difference?
14:00 – Letting the right bots in: AI agents vs. bad bots
17:00 – AI impersonation, delegation, and the risk of shared credentials
20:00 – Impersonation vs. Delegation – what practitioners need to know
23:00 – Governance, oversight, and delegated authority for agents
26:00 – Liability and “who is responsible” in agentic systems
30:00 – How developers can prepare for agent identity and access management
32:00 – Explaining the Model Context Protocol (MCP)
36:00 – Enterprise use cases for MCP and internal automation
38:00 – Is MCP the next SAML?
42:00 – Recursive delegation and scope attenuation explained
46:00 – The one key takeaway for IAM professionals
48:00 – Lighter note: Coffee talk – from Sydney to San Francisco
54:00 – Wrap-up and where to find more IDAC content
Keywords:
IDAC, Identity at the Center, Jim McDonald, Jeff Steadman, Tobin South, OpenID Foundation, AI Identity Management, Agentic AI, Delegated Authority, Impersonation vs Delegation, Model Context Protocol (MCP), Recursive Delegation, Scope Attenuation, Identity Access Management, IAM, AI Governance, AI Standards, Enterprise AI, AI Agents, Identity Security
390 episodes
Share
