Traditional identity systems fail at agent scale. Discover how to move past "buffering" in authentication and build high-throughput, stateless identity infrastructure for autonomous AI agents.
How Apple broke "Sign in with Apple" with an unannounced and silent redirect
Twenty-five years ago, video on the internet was a novelty...and a disaster.
Streams stalled. Resolution was poor. Servers collapsed under load. Engineers debated whether video would ever work at internet scale. The problem wasn’t just bandwidth; it was architecture. Early systems treated video like a file download, not a continuous, global, real-time service.
Today, autonomous and agentic AI systems are putting identity infrastructure through a similar reckoning.
The buffering wheel is back...this time in authentication and authorization.
In the late 1990s and early 2000s, video streaming failed for predictable reasons:
The breakthrough didn’t come from “faster servers.” It came from rethinking the architecture:
Video succeeded when the industry stopped treating it like a special case and started treating it like infrastructure.
Agentic AI systems are now exposing similar fault lines in identity. Traditional identity systems were designed for:
Agentic agents flip every one of those assumptions.
They authenticate continuously, act autonomously, operate at machine speed, and scale into the millions or billions of identities. Each agent may make thousands of authenticated and authorized requests per second; often on behalf of humans, services, or other agents.
Identity is no longer a login problem. It’s a high-throughput control plane problem.
Many identity platforms still behave like early video servers:
At agent scale, these systems don’t degrade gracefully—they fail catastrophically. Latency increases. Tokens pile up. Authorization becomes the bottleneck. Security teams respond by loosening controls, extending token lifetimes, or bypassing checks entirely.
That’s the identity equivalent of lowering the resolution and hoping no one notices.
In a recent survey conducted with EMA and Ory, we uncovered how participants feel about their existing IAM stack from four dimentions:
Access all the survey results - https://www.ory.com/resources/whitepapers/agentic-ai-identity-security-readiness
Streaming scaled when delivery became:
Agent identity requires the same shift.
Agents cannot afford round-trip calls to a central identity service for every decision. Authentication and authorization must be verifiable locally, close to the workload.
Long-lived credentials don’t scale and don’t fail safely. Identity at agent scale requires short-lived, cryptographically verifiable tokens that can be validated without shared state.
Authorization can’t live inside application logic or ad-hoc scripts. It must be externalized, policy-driven, and evaluated consistently across environments.
Just as streaming evolved from:
“Can we play a video?” to “Can we deliver billions of streams globally, reliably, and securely?”
Identity is evolving from:
“Can a user log in?” to “Can millions of autonomous actors authenticate and act safely, continuously, and at scale?”
Agentic systems are not edge cases. They are the next dominant workload. And like video, identity systems that are not built for this future will be bypassed, weakened, or replaced.
When identity becomes the bottleneck, organizations face an impossible choice:
This is exactly where early streaming platforms failed—until the architecture caught up with demand.
The platforms that ultimately enabled streaming success didn’t market “video features.” They built delivery infrastructure.
Likewise, the identity systems that succeed in the agentic era will not be those optimized for login screens. They will be those designed as:
The history of the internet is full of moments where a new workload exposed architectural limits. Video streaming was one. Agentic AI is another.
Back then, the solution wasn’t to tweak the old systems—it was to replace the assumptions entirely.
Identity is at that moment again.
If we treat agent authentication and authorization like a scaled-up version of human login, we will get buffering wheels, dropped frames, and security shortcuts.
If we treat identity like streaming infrastructure—designed for scale, distribution, and failure—we unlock what agentic systems actually promise.
The question is no longer whether agentic agents will scale. It's whether identity will.
—-------------------------------------------------------------
Learn more about how Ory can handle agentic - https://www.ory.com/agentic-artificial-intelligence-ai-agents
Read More on Agentic -
