Strata Identity has launched its AI Identity Gateway alongside a Maverics Sandbox that lets organizations simulate and secure AI agent workflows before they touch production systems. Acting as a runtime proxy, the Gateway authenticates each agent, enforces policy-as-code (via Open Policy Agent/Rego) on every tool call, and logs activity as agents read documents, hit APIs or write to data stores, reports Techstrong.ai.
The design leans into a growing consensus that AI agents aren’t just “fancy service accounts” but autonomous identities that require their own governance model—an issue also flagged in recent analyses of Palo Alto Networks’ push into AI-era identity and PAM, according to Security Boulevard. Startups in ABAC-for-AI and AI-layer access control are also jockeying for position, claiming deeper “prompt-time” policy enforcement higher in the stack.
Strata’s play is different: plug into whatever IDPs you already have, then orchestrate identity and authorization for agents across clouds and legacy apps. The launch nudges larger IAM vendors—Okta, Ping, CyberArk, cloud providers—who are still stitching together agent identity, workload identity and classic user IAM into one narrative, notes Gartner.
Whether Strata’s early move translates into durable lead will depend on how quickly enterprises scale agentic architectures. Right now, the product gives it a first-wave story in a category that bigger platforms plainly see coming but haven’t fully consolidated.
