Agents are popping up everywhere: tiny bots spinning up for a task, then dying off. They shouldn’t carry long-lived credentials any more than you carry a master key everywhere you go. What if each agent got a just-for-this-mission credential—scoped, temporary, context-aware, and gone when its task ends? That’s ephemeral authentication. In this episode of Pop Goes the Stack, #F5's Lori MacVittie, Joel Moses, and special guest Bill Church dig into why traditional IAM (OAuth tokens, persistent keys) fails in agentic worlds. They’ll show how ephemeral auth can reduce blast radius, prevent credential replay, and force “least privilege in the moment.” Then they walk through how it might be built: token issuance on mission start, embedded attestation, automatic revocation, and scope tunneling per action. And yeah, there are tradeoffs—latency, credential churn, throttling limits. Listen in for the best path forward. Chapters: 00:00 Welcome to Pop Goes the Stack 00:48 AI agents vs Identity and Access Management 02:07 Why is #IAM struggling with #AI agents? 03:39 The problem with long-lived tokens 06:01 Ephemeral credentials as a solution 09:32 Adding context to agent access 11:15 The future of IAM and agents 13:10 Challenges with ephemeral credentials 16:22 Token collisions and scaling risks 18:00 Scope change and negotiation 21:23 Key takeaways: How to deploy AI agents safely Read the arXiv article, A Novel Zero-Trust Identity Framework for Agentic AI: Decentralized Authentication and Fine-Grained Access Control: https://go.f5.net/gxn3uo0l Find out more about the importance of policy in payload: https://go.f5.net/nh5jybt4 Learn how you can stay ahead of the curve and keep your stack whole with additional insights on app security, multicloud, AI, and emerging tech: https://go.f5.net/43psvt3l More about F5: https://go.f5.net/vyc37r59 Read our blog: https://go.f5.net/5rw281h6 Follow us on LinkedIn: https://go.f5.net/rsn91imo

 123      4