Security · Agent Identity
How every agent gets its credential — and whether it meets the standard.
The problem
Agents authenticate with static keys, consumer aliases, and secrets pasted into .env files. These machine identities are invisible, unrevocable, and impossible to deprovision — and nobody is tracking them.
The value
A clear view of every machine identity: where its credential came from, how trustworthy it is, and which agents fall outside the org credential standard — so you can move them to org-backed OAuth and rotate the static keys.
8
machine identities
4
fail the standard