The identity provider for the AI agent workforce.
Federate your agents to the identity provider you already run — then govern everything they do.
Eniyan extends your corporate IdP to your agents over OIDC, SAML, and SCIM. Operators delegate their live entitlements; agents trade a verifiable credential for a 10-minute OAuth token scoped to exactly those entitlements — and every action is scope-checked, attested, and audited.
The problem
Your agents are outside your joiner–mover–leaver process.
Every employee is provisioned, governed, and offboarded through your identity provider. Your agents aren't — yet they act with real access on real systems. That gap is where standing credentials and unaccountable access accumulate:
- Static service-account secrets no one rotates, owned by no one in particular.
- Agents that keep their access long after the human who set them up has left.
- No answer to “who approved this agent, and what is it allowed to do?”
Federate
Connect the identity provider you already run.
OIDC/SAML single sign-on and SCIM 2.0 provisioning bring your people and groups into Eniyan — and take them back out the moment they're deactivated. No rip-and-replace, no second directory.
OIDC + SAML SSO
Your people sign in with any OIDC or SAML 2.0 identity provider.
SCIM 2.0 provisioning
Users and groups sync automatically, so Eniyan always reflects your directory.
Offboarding cascade
Deactivate someone in your IdP and every agent anchored to them suspends — automatically.
Group Push
Your IdP groups become assignable agent entitlements, ready to delegate.
Compatibility
Works with the identity provider you already run.
Federate over standard OIDC, SAML 2.0, and SCIM — no rip-and-replace, no proprietary connectors. If it speaks OIDC or SAML, it works.
| Identity provider | OIDC SSO | SAML 2.0 | SCIM provisioning | Group Push |
|---|---|---|---|---|
| Okta | ||||
| Microsoft Entra ID | ||||
| Auth0 | ||||
| OneLogin | ||||
| Ping Identity | ||||
| JumpCloud | ||||
| Google Workspace | Users only | |||
| Any OIDC / SAML IdP |
Google Workspace supports SSO today; group-based delegation needs an IdP with SCIM group push. Don't see yours? If it speaks OIDC or SAML, it works.
Delegate
Entitlements, not secrets.
Operators delegate their live IdP entitlements to agents. Each agent trades a verifiable credential for a short-lived OAuth token scoped to exactly those entitlements — no static secrets, no standing access.
Live entitlement delegation
Operators delegate their current IdP group memberships; a delegation lapses the moment the human loses the group.
Multi-operator certificates
Bind an agent to a group so its certificate is valid only while every current member has delegated.
Agent OAuth tokens
Agents exchange a W3C verifiable credential for a 10-minute OAuth 2.0 token scoped to their live entitlements.
PKCE + introspection
Proof-of-possession issuance and RFC 7662 introspection — standard OAuth tooling works unchanged.
Govern · Risk Management
Govern what agents do at runtime.
Identity gets an agent in the door; risk management decides what it can do once inside. Enforce scope, grant access just-in-time, attest tasks after the fact, and surface insider risk — with a tamper-evident audit trail throughout.
Scope enforcement
Advisory flag or hard block, per agent — out-of-scope actions stopped at verify time.
Just-in-time access
Credentials suspended between tasks; one call opens a named, time-bounded window. No standing privileges.
Post-task attestation
Operators attest to what an agent did; revoke the operator and anchored agents cascade-suspend.
Insider-risk detection + seals
Surface anomalous operator behaviour, with public verification seals for EU AI Act Article 50 disclosure.
Joiner · Mover · Leaver
Offboard an agent the way you offboard an employee.
Agent access is tied to a live human identity, not a static secret. Deactivate the person in your IdP and their agents lose access automatically. Elapsed time: one token lifetime.
Deactivate the human in your IdP
An operator leaves, or loses a role. You deactivate them in your identity provider — the same action you already take today.
SCIM tells Eniyan
SCIM 2.0 deprovisioning flows through in real time. The operator's record suspends, and every agent anchored to them suspends with it.
Delegations lapse instantly
Every entitlement that operator delegated to an agent disappears the moment they lose the underlying IdP group. Lose the group, lose the scope.
Tokens age out in minutes
Agent tokens live 10 minutes and re-check entitlements at every mint. No standing privileges, no orphaned service accounts to hunt down later.
Why Eniyan
Not another secret to rotate.
Service accounts and secrets managers still leave you with standing credentials no one owns. Eniyan ties every agent to a live human identity — and takes the access away the moment that human loses it.
| | DIY service accounts | Secrets manager | Eniyan |
|---|---|---|---|
| Agent credentials | Long-lived static secrets | Rotated, still standing | 10-minute tokens, none at rest |
| Tied to a human's live access | No | No | Lapses when they lose the group |
| Offboarding | Manual, easily missed | Manual revoke | Automatic SCIM cascade |
| Who approved this agent | Unknown | Unknown | Accountable operator on record |
| Runtime scope enforcement | None | None | Advisory flag or hard block |
| Public verifiability | None | None | Verification seals (EU AI Act) |
Eniyan
Bring your agent workforce under your IdP — and under control.
See your own identity-provider groups delegated to a live agent, with 10-minute tokens and runtime risk controls — in about 30 minutes.