AI isn't just changing what we build; it’s forcing a fundamental shift in how we build, deploy, and secure software.
This architectural upheaval means the familiar security controls of the past are now being challenged. As Auth0 President Shiv Ramji explained in an interview at Oktane, the complexity introduced by conversational AI agents requires companies to rethink their entire security approach, starting with identity.
To understand this change, Ramji suggested thinking about the apps we build today: They are "deterministic." If you use a travel app to book a flight, what you can do is finite and predetermined. Security is controlled because the user always follows known, guarded paths inside the application's code.
When you introduce conversational AI, everything changes. These agents are "nondeterministic." They can take any input through natural language, work in the background, and perform long-running tasks. Suddenly, the access point is no longer deep inside the application code. It’s right on the frontend, in the conversation interface itself.
"You have to rethink how you build your applications, because you can no longer control the access point inside your application," Ramji said.
This change exposes internal APIs and data, creating risks like data leakage if a chatbot's actions are compromised. These security incidents are no longer hypothetical. They are a growing reality.
For developers, the new priority is twofold: successfully integrating AI into products and helping ensure those products are "AI-ready" to securely interact with other systems. This is fundamentally an identity management problem, Ramji said.
Four critical identity requirements
Based on conversations with developers, Ramji identified four critical requirements for building secure, scalable AI agents today:
Agent and user authentication: Securely linking the non-human agent to the human user's identity.
Secure API access: Standardizing how agents connect to numerous applications without token leakage.
Human in the loop: Requiring explicit human approval for high-risk or sensitive transactions.
Fine-grained permissioning: Defining the granular limits of what data an AI agent can access.
Looking ahead, Ramji predicted identity will be key to solving future challenges, including reducing repetitive consent fatigue, enabling the portability of AI memory across different services, and improving AI-driven identity verification to combat fraud.
Watch the video above for more of Ramji's thoughts on securing nondeterministic applications, the four identity requirements for AI agents, and how Auth0 is helping developers embed identity-first security into AI-driven applications.
