AI agents in enterprise and customer-facing IT contexts will deliver both unprecedented productivity benefits and identity and access management (IAM) headaches. Because of AI agents’ autonomy and nondeterministic actions, they represent a new type of identity that is neither fully machine nor human. AI agents raise new governance, authentication, and authorization challenges — so IAM architectures and the IAM solutions that implement them must embrace AI agents as a new and unique identity type and protection surface.