Saviynt: Identity Security for AI Agents: On-Behalf-Of Workflows

Saviynt
06/22/2026
Transcript


You all saw the Chalk Talk about Saviynt's Access Gateway and the importance of doing runtime authorization for agentic transactions. This Chalk Talk is going to focus on a very specific scenario: when a human is talking to an interactive agent, the agent works on behalf of those human counterparts. How should you design? How should you think about an identity transaction, especially for your on-behalf-of flows for your agents? Let us take a look at it.
It all starts with a human. In this case, let us say that human is Sarah, and Sarah wants to invoke her CRM agent to perform some transactions on an application like Salesforce. So, the first thing Sarah has to do is authenticate to an IDP (this could be Okta or Entra ID) and provide her valid credentials, so that the system knows that she is an authorized user to even invoke that agent. Now, as Sarah authenticates, she gets a valid user token from the IDP. This user token is then further passed to a CRM agent in this case.
The first thing a CRM agent has to do is take the user token and get its own on-behalf-of or workflow authorization token created. Now, how does it do that? It goes ahead and talks to a session broker or an on-behalf-of broker. This could be from IDPs, this could be from Saviynt, it does not matter, but what is really happening here is that the CRM agent has to perform a transaction, authenticate and authorize itself to perform the agentic transactions that Sarah originally asked for from this agent. So, the CRM agent is going to start what we call an on-behalf-of exchange process. In this particular case, the session or on-behalf-of broker would give an OBO token to the CRM agent. Very simple, very easy set of steps. The user is authenticating first, passing on to this agent, and the agent is now getting an OBO token, on behalf of, so that the agent can perform the transactions. Very, very simple.
As well as in this case, the agent also has a valid identity available to it. Now, once all this happens, the next step in this case is that it gets passed to Saviynt's access gateway. The MCP interface is doing one very specific thing, and that is making sure that all the tools which are available and allowed get exposed, which means you will start seeing the CRM agent having access to read opportunities. It will start saying send opportunities details, but it will also not be seeing transactions which are denied as part of the policy. That is the first set of things that will happen when a CRM agent goes to the Saviynt gateway, and the Saviynt gateway is understanding what kind of tools are even exposed to this CRM agent.
Next, a very important step is the policy evaluation stage. In the policy evaluation stage, the first thing Saviynt's access gateway does is intent analysis. It understands what Sarah originally asked for and how it is getting mapped to the various transactions and tool calls that the CRM agent is really trying to do. It also looks for things like is your agent a rogue or an orphan agent, and looks for any policies which say that anytime a rogue or an orphan agent is trying to perform an agentic transaction, it should be blocked. It looks for such policies, it looks for any SOD conflicts and enforces all of that in real time, and last but not the least, it maintains a complete audit and logs every particular transaction which is being done by this agent.
All of this is now happening at an access gateway level, and at this stage there could be two different kinds of information being sent to Sarah in this particular case. It could be an explicit approval or it could be an implicit policy-based approval. You can always ask the access gateway to ask for any kind of human-in-the-loop approval done by Sarah. So, for example, if you want the opportunity details to be sent, but you want Sarah to humanly authorize that or approve it, you can do that.
So, you can have two different types of policy conditions once you are coming from these particular checks. Further, in the very end, once the Saviynt gateway performs all these checks, the next step is to actually perform these transactions in Salesforce or your CRM system. In this particular case, what would really happen is that as your transaction is performed by the CRM agent, what we are looking at is: who is your actor? In this case your actor is going to be Sarah. Who did work on behalf of Sarah? In this case it is going to be CRM-agent, whatever your agent IDs are, ID 001. What was the action performed? In this case it would be read opportunity and write, whatever that opportunity data was. And then last but not the least, what was the time at which this transaction was performed?
So, friends, this is what really happens when you perform an agentic transaction, especially for interactive agents where a human initiates a transaction, or tells an agent what to do. An agent translates that into a particular transaction and sends that to an access gateway component from Saviynt. Saviynt understands what kind of transactions can be performed and what tool calls are available, does an intent analysis, and enforces your security policies before it makes its way into a downstream application like Salesforce. And regardless to say, anything and everything you do in this gets audited, everything gets logged. That is the beauty of Saviynt's access gateway.
As you start designing, as you start creating your agentic transaction, it becomes imperative that you cannot rely on design-time controls for your agents; you have to have runtime controls, and that is what access gateway offers to you. In my next Chalk Talk I will talk about autonomous agents, especially in multi-agent scenarios, and how Saviynt's access gateway will play a very important role in authorizing runtime decisions. Till then, stay tuned.

TL;DR

  • Saviynt Access Gateway provides runtime authorization for AI agents performing transactions on behalf of authenticated users through an on-behalf-of (OBO) token exchange process.
  • The gateway performs intent analysis, enforces security policies including SOD conflicts and rogue agent detection, and controls which tools are exposed to agents before transactions reach downstream applications.
  • Every agentic transaction is fully audited with actor identification, action logging, and timestamp tracking, maintaining complete visibility into who did what and when.
  • The architecture supports both implicit policy-based approvals and explicit human-in-the-loop authorization for sensitive operations, providing flexible control over agent actions.

Summary

This technical walkthrough demonstrates how Saviynt Access Gateway handles identity and authorization flows when humans interact with AI agents. The session focuses specifically on 'on-behalf-of' (OBO) workflows, where an agent performs transactions on behalf of an authenticated user. Using a CRM agent scenario, the presentation illustrates the complete authentication chain from initial user login through IDP authentication, OBO token exchange, policy evaluation, and final transaction execution in downstream applications like Salesforce. The architecture emphasizes runtime controls over design-time permissions, ensuring that every agentic transaction is authorized, audited, and compliant with security policies including separation of duties checks and rogue agent detection.

Chapters

0:00 - Introduction to On-Behalf-Of Workflows
0:44 - User Authentication and Token Exchange
2:00 - OBO Token Generation Process
3:28 - Access Gateway Tool Exposure
4:35 - Policy Evaluation and Intent Analysis
6:31 - Transaction Execution and Audit Logging
8:38 - Runtime vs Design-Time Controls

Key Quotes

0:40 "How should you think about an identity transaction especially for your on behalf of flows for your agents? ..."
4:35 "In the policy evaluation stage, the first thing Saviynt's access gateway does is intent analysis."
5:14 "It also looks for things like is your agent a rogue or an orphan agent, and looks for any policies which say that anytime a rogue or an orphan agent is trying to perform an agentic transaction, it should be blocked."
8:43 "As you start designing, as you start creating your agentic transaction, it becomes imperative that you cannot rely on design-time controls for your agents; you have to have runtime controls, and that is what access gateway offers to you."

FAQ

How does the on-behalf-of token exchange work in Saviynt's architecture?

When a user authenticates and receives a token from their IDP, they pass that token to the AI agent. The agent then exchanges this user token with a session broker (which could be the IDP or Saviynt) to receive an OBO token that allows the agent to perform transactions on the user's behalf while maintaining a clear audit trail of both identities.

What types of security policies does Saviynt Access Gateway enforce for agent transactions?

The gateway performs intent analysis to verify the agent's actions match the user's original request, checks for rogue or orphan agents and blocks their transactions, enforces separation of duties (SOD) conflicts, and can require human-in-the-loop approval for sensitive operations. All policies are evaluated in real-time before transactions reach downstream applications.
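
The runtime checks described above can be sketched as follows. This is an added example, not Saviynt's code or API: it assumes the OBO token carries the user in `sub` and the agent in `act.sub` (the claim layout defined by RFC 8693), and the policy table, agent registry, function names and the `delete_opportunity` tool are hypothetical. Intent analysis and SOD checks are not modelled.

```python
from datetime import datetime, timezone

# Constructed policy: tools each agent may see, and tools that need the user's explicit approval.
POLICY = {
    "crm-agent-001": {
        "allowed": {"read_opportunity", "send_opportunity_details"},
        "needs_approval": {"send_opportunity_details"},
    }
}
# Constructed registry: an agent missing here is rogue; one with no owner is an orphan.
REGISTERED_AGENTS = {"crm-agent-001": {"owner": "sarah"}}

def exposed_tools(claims):
    """Tools listed to the agent; anything the policy denies is never shown."""
    agent = claims.get("act", {}).get("sub")
    return sorted(POLICY.get(agent, {}).get("allowed", set()))

def authorize(claims, tool, approved_by_user=False, now=None):
    """Evaluate one tool call made with an OBO token; return (decision, audit_record)."""
    user = claims.get("sub")                   # the human (Sarah)
    agent = claims.get("act", {}).get("sub")   # the agent working on her behalf
    now = now or datetime.now(timezone.utc)
    rules = POLICY.get(agent, {})
    if not REGISTERED_AGENTS.get(agent, {}).get("owner"):
        decision = "deny:rogue_or_orphan_agent"
    elif claims.get("exp", 0) <= now.timestamp():
        decision = "deny:expired_token"
    elif tool not in rules.get("allowed", set()):
        decision = "deny:tool_not_allowed"
    elif tool in rules.get("needs_approval", set()) and not approved_by_user:
        decision = "pending:human_approval"    # explicit, human-in-the-loop path
    else:
        decision = "allow"                     # implicit, policy-based approval
    # Audit fields follow the talk: actor, who acted on their behalf, action, time.
    audit = {"actor": user, "agent": agent, "action": tool,
             "decision": decision, "time": now.isoformat()}
    return decision, audit
```

Every call produces an audit record, including denied ones, so the log shows attempted as well as completed actions.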

