Zero Trust Demands Zero Standing Privileges
Zero trust is one of the most overused phrases in security. It’s also one of the most misunderstood.
Zero trust isn’t a product. It isn’t a network control. It’s an architectural model based on continuous evaluation of identity, access, and risk. Standing privileges are static by design. That makes them fundamentally incompatible with zero trust – especially in agentic systems.
If you still rely on standing access, you don’t have zero trust. You have a legacy security model with better authentication.
Where Zero Trust Breaks With Agents
Most organizations believe they’re applying zero trust principles to agents. In practice, they stop halfway.
Strong authentication is required. Tokens are issued correctly. mTLS and OAuth are in place. So far, so good.
Then everything falls apart.
Authorization is static. Access privileges are pre-provisioned. Once authenticated, agents are trusted indefinitely. There’s no understanding of delegated authorization – agents act, but the system can’t clearly express on whose authority they’re acting or why.
Authentication is modern. Authorization is not. This gap is where risk explodes.
Why Standing Privileges Violate Zero Trust
Zero trust assumes nothing is trusted by default. Standing privileges do the opposite.
Trust is assumed immediately after authentication. Once a token is issued, the system stops asking questions. Runtime context is ignored – time, intent, environment, and risk signals aren’t reevaluated. Access lasts far longer than the task that justified it.
This isn’t zero trust. It’s static trust with better crypto.
Why This Blocks Production
Security teams can’t see or bound risk when access is static. They can’t answer what an agent could do right now, under this context, with this intent.
Compliance teams and regulators require proof. They want to see how decisions are made, not just that credentials exist. When access can’t be explained dynamically, production sign-off fails.
This is why so many agent initiatives stall despite strong authentication and impressive demos. The authentication story is solid. The authorization story isn’t.
The Execution Model That Works
Zero trust works when it’s applied at execution time.
Authority is derived from delegated authorization, not ownership of credentials. Agents act on behalf of a principal with explicit scope and intent. Every actor is authenticated. Every token exchange is validated. Every tool access is authorized with short-lived, task-scoped tokens – there’s no standing access to reuse.
Context is evaluated continuously. Risk signals can deny or constrain actions dynamically.
This model doesn’t assume trust. It continuously earns it.
You Need a Gateway
Zero trust can’t be enforced inside agents. It has to be enforced around them.
An AI Identity Gateway enforces zero trust authentication, access, and authorization dynamically at runtime. Policy lives in the control plane, not in agent code or prompts. Enforcement happens inline, between agents and the MCP servers they call. Access is enforced at the MCP boundary, where real actions (tool calls) occur.
This is where zero trust becomes operational, not aspirational.
What Production Teams Actually Deploy
Teams that reach production converge on the same patterns. There’s no standing agent access. Permissions are issued just in time, scoped to the task and tool. Credentials are ephemeral and expire automatically – revocation is the exception, not the norm.
This isn’t theoretical. It’s how systems pass security, audit, and risk review.
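The execution model above (delegated authority, short-lived task-scoped tokens, inline re-authorization at the tool boundary) is easy to state and easy to get wrong. The following is an added example, not Strata's code and not the sandbox described below: a toy gateway that mints a token for one agent acting on behalf of one principal, for one task and one tool action, and re-checks signature, expiry, scope, task and runtime context on every call. The compact HMAC token format, the claim names (sub, act, task, scope, env), the risk-score threshold and the sample agent, principal and task values are all assumptions constructed for illustration; a standing-privilege check is included alongside it for contrast.

```python
"""Toy AI identity gateway: just-in-time, task-scoped, delegated tokens.

Added example (not the post's or Strata's code). Token format, claim names,
and the risk rule are assumptions chosen for illustration.
"""
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed gateway signing key; a real deployment keeps this in a KMS/HSM.
GATEWAY_KEY = b"example-gateway-signing-key"


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(agent: str, on_behalf_of: str, task_id: str, tool: str,
                action: str, env: str, ttl_s: int = 60,
                now: Optional[float] = None) -> str:
    """Mint a delegated token: 'act' records on whose authority the agent
    acts, 'scope' covers exactly one tool action, 'exp' bounds the task."""
    now = time.time() if now is None else now
    claims = {"sub": agent, "act": on_behalf_of, "task": task_id,
              "scope": f"{tool}:{action}", "env": env,
              "iat": int(now), "exp": int(now) + ttl_s}
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    sig = _b64(hmac.new(GATEWAY_KEY, body.encode(), hashlib.sha256).digest())
    return f"{body}.{sig}"


def authorize(token: str, tool: str, action: str, context: dict,
              now: Optional[float] = None):
    """Inline check at the MCP/tool boundary. Every call is re-evaluated:
    signature, expiry, scope, task binding and runtime context.
    Returns (allowed, reason)."""
    now = time.time() if now is None else now
    try:
        body, sig = token.split(".")
    except ValueError:
        return False, "malformed token"
    expected = _b64(hmac.new(GATEWAY_KEY, body.encode(), hashlib.sha256).digest())
    if not hmac.compare_digest(sig, expected):
        return False, "bad signature"
    claims = json.loads(_unb64(body))
    if now >= claims["exp"]:
        return False, "token expired; task window closed"
    if claims["scope"] != f"{tool}:{action}":
        return False, f"scope {claims['scope']} does not cover {tool}:{action}"
    if context.get("task") != claims["task"]:
        return False, "call is not part of the delegated task"
    # Runtime risk signals are re-evaluated on every call (assumed signals).
    if context.get("env") != claims["env"]:
        return False, "environment drift; re-delegation required"
    if context.get("risk_score", 0) >= 80:
        return False, "risk score too high for this action"
    return True, f"{claims['sub']} acting for {claims['act']} on {claims['task']}"


# Contrast: the standing-privilege model the post argues against.
STANDING_ROLES = {"report-agent": {"crm:read", "crm:write", "mail:send"}}


def authorize_standing(agent: str, tool: str, action: str) -> bool:
    """Static check: no expiry, no task, no context. Granted once, allowed forever."""
    return f"{tool}:{action}" in STANDING_ROLES.get(agent, set())


def demo():
    """Run the same agent through the gateway under several conditions."""
    t0 = 1_700_000_000.0  # constructed fixed clock for reproducibility
    tok = issue_token("report-agent", "alice@example.com", "task-42",
                      "crm", "read", env="prod", ttl_s=60, now=t0)
    # A token for a different scope; its body with the read token's signature is a forgery.
    other = issue_token("report-agent", "alice@example.com", "task-42",
                        "crm", "write", env="prod", ttl_s=60, now=t0)
    forged = other.split(".")[0] + "." + tok.split(".")[1]
    ctx = {"task": "task-42", "env": "prod", "risk_score": 10}
    return [
        ("in-scope read", *authorize(tok, "crm", "read", ctx, now=t0 + 5)),
        ("out-of-scope write", *authorize(tok, "crm", "write", ctx, now=t0 + 5)),
        ("wrong task", *authorize(tok, "crm", "read", {**ctx, "task": "task-99"}, now=t0 + 5)),
        ("risk spike", *authorize(tok, "crm", "read", {**ctx, "risk_score": 95}, now=t0 + 5)),
        ("after expiry", *authorize(tok, "crm", "read", ctx, now=t0 + 61)),
        ("forged scope", *authorize(forged, "crm", "write", ctx, now=t0 + 5)),
    ]


if __name__ == "__main__":
    for name, ok, why in demo():
        print(f"{name:20} {'ALLOW' if ok else 'DENY':5} {why}")
    print("standing model, crm:write:", authorize_standing("report-agent", "crm", "write"))
```

The point of the contrast is in the last line: the standing model answers "yes" to a write the agent never needed for this task, with no expiry and nothing to explain to an auditor, while the gateway can state for every call who acted, on whose authority, for which task, and why it was allowed or denied.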
Seeing It Work
Zero trust sounds good on slides. It’s harder to implement in practice.
The Strata Agentic Identity Sandbox lets teams see zero trust in action. They can validate architecture choices safely. They can observe how delegated authorization works. They can see access being evaluated continuously and expiring automatically.
This moves zero trust from theory to deployment.
The Business Impact
Zero trust implemented correctly doesn’t slow teams down. Security becomes an enabler instead of a gate. Rollouts across teams and environments happen faster because access models are consistent and defensible. Long-term operational costs drop because permissions don’t accumulate and audits are simpler.
Systems built this way scale.
The Bottom Line
Zero trust requires dynamic, provable, temporary access. Standing privileges can’t deliver that.
Anything built on them is legacy security, regardless of how modern it looks.
*** This is a Security Bloggers Network syndicated blog from Strata.io authored by Nick Gamb. Read the original post at: https://www.strata.io/agentic-identity-sandbox/zero-trust-demands-zero-standing-privileges/