AI Agent Identity Simulation

Starting Point

Starting clean: 1 agent, 3 read-only tokens. This is how it should be.

Agent Graph1 agent · 3 systems

Read

Stale

Write/Admin

Event Stream

4 events

Day 0okta

Enterprise Support Agent provisioned with read-only access to Slack, Jira, and Salesforce.

Day 0slack

OAuth token granted with read:messages scope. Least privilege enforced.

Day 0jira

API key issued with read:issues scope. Token expires in 90 days.

Day 0salesforce

OAuth token with read:contacts scope. No write access.