<p>In this episode of the Identity at the Center Podcast, hosts Jeff and Jim sit down with Tobin South, co-chair of the OpenID Foundation&#39;s AI Identity Management Community Group, to delve into the intricacies of identity management in the age of agentic AI. They discuss the challenges and solutions related to AI agents, the role of the Model Context Protocol (MCP), and the concept of recursive delegation and scope attenuation. Additionally, the conversation covers practical advice for developers and enterprises on preparing for AI-driven identity management and explores the cultural touchstone of coffee from various global perspectives.</p><p><br></p><p>Connect with Tobin: <a href="https://www.linkedin.com/in/tobinsouth/">https://www.linkedin.com/in/tobinsouth/</a></p><p>OpenID Foundation: <a href="https://openid.net/">https://openid.net/</a></p><p>Identity Management for Agentic AI (OpenID Whitepaper): <a href="https://openid.net/wp-content/uploads/2025/10/Identity-Management-for-Agentic-AI.pdf">https://openid.net/wp-content/uploads/2025/10/Identity-Management-for-Agentic-AI.pdf</a></p><p><br></p><p>Connect with us on LinkedIn:</p><p>Jim McDonald: <a href="https://www.linkedin.com/in/jimmcdonaldpmp/">https://www.linkedin.com/in/jimmcdonaldpmp/</a></p><p>Jeff Steadman: <a href="https://www.linkedin.com/in/jeffsteadman/">https://www.linkedin.com/in/jeffsteadman/</a></p><p>Visit the show on the web at <a href="http://idacpodcast.com">http://idacpodcast.com</a></p><p><br></p><p>Chapter Timestamps:</p><p>00:00 – Jeff and Jim banter about unopened iPads and conference season</p><p>05:55 – Introduction to Tobin South and his AI identity background</p><p>07:00 – How AI has evolved from machine learning to generative models</p><p>09:00 – The OpenID AI Identity Management Community Group</p><p>10:30 – ChatGPT’s impact on the AI perception shift</p><p>12:00 – Users vs. Agents: What’s the difference?</p><p>14:00 – Letting the right bots in: AI agents vs. bad bots</p><p>17:00 – AI impersonation, delegation, and the risk of shared credentials</p><p>20:00 – Impersonation vs. Delegation – what practitioners need to know</p><p>23:00 – Governance, oversight, and delegated authority for agents</p><p>26:00 – Liability and “who is responsible” in agentic systems</p><p>30:00 – How developers can prepare for agent identity and access management</p><p>32:00 – Explaining the Model Context Protocol (MCP)</p><p>36:00 – Enterprise use cases for MCP and internal automation</p><p>38:00 – Is MCP the next SAML?</p><p>42:00 – Recursive delegation and scope attenuation explained</p><p>46:00 – The one key takeaway for IAM professionals</p><p>48:00 – Lighter note: Coffee talk – from Sydney to San Francisco</p><p>54:00 – Wrap-up and where to find more IDAC content</p><p><br></p><p>Keywords:</p><p>IDAC, Identity at the Center, Jim McDonald, Jeff Steadman, Tobin South, OpenID Foundation, AI Identity Management, Agentic AI, Delegated Authority, Impersonation vs Delegation, Model Context Protocol (MCP), Recursive Delegation, Scope Attenuation, Identity Access Management, IAM, AI Governance, AI Standards, Enterprise AI, AI Agents, Identity Security</p>