Product
CrowdStrike highlights a critical identity management gap in AI agent deployments where current OAuth 2.1 tokens and JWT (RFC 9068) lack standardized mechanisms to represent an AI agent's instance identity, the user on whose behalf it acts, and their relationship, hindering fine-grained access controls, audit trails, and detection of out-of-scope actions.