SCIM Framework Expands to Securely Manage AI Agents in Enterprise Identity Ecosystems
November 6, 2025
The SCIM framework is expanding from human identities to include AI agents, enabling automated onboarding, access synchronization, auditing, and deprovisioning within a unified identity fabric for non-human identities.
Agent objects support automatic provisioning, role assignment, suspension, and clean deletion, with example API queries showing how to retrieve agent details.
Security implications emphasize clear ownership and accountability, credential lifecycle management via embedded certificates, explicit app-agent boundaries, and enhanced auditing with lastAccessed to detect dormant entities.
SCIM now manages diverse objects beyond users—teams, agents, and agentic applications—with emerging Agent extensions treating agents as first-class objects with owners and lifecycles.
The draft preserves backward compatibility by representing agents as Users with an extension for non-human identity, ensuring interoperability with existing SCIM deployments.
AI agents act as real actors by logging into service desks and CRMs, posting to collaboration tools, and triggering automated workflows; without SCIM, credentials risk being unmanaged, creating ownership gaps and shadow access.
SSOJet provides a single console to enable SCIM for both people and AI agents, offering SCIM 2.0 readiness, multi-IdP directory synchronization, granular ownership mapping, full audit trails, and API-first support for hybrid and air-gapped environments.
Overall, the SCIM for AI trajectory formalizes how bots and autonomous agents are described, authenticated, governed, and audited within enterprise identity ecosystems, paving the way for interoperable, secure AI-enabled workflows.
Agentic Applications map agents to hosting platforms, detailing name, status, endpoints, OAuth configuration, linked agents, and lastAccessed to support auditing and lifecycle management.
New SCIM resource types introduce AGENTS (digital workers) and AGENTIC APPLICATIONS (systems hosting agents), detailing attributes such as name, owners, associated applications, protocols, certificates, subject, and status.
The AI agent lifecycle mirrors human processes: Hire/Create, Sync Access, Audit, and Retire, enabling automatic account creation, role assignment, activity tracking, and global deprovisioning.
Practical example: provisioning SupportGPT where IT adds the agent, SCIM provisions accounts and roles in Zendesk, Slack, and Notion automatically, followed by offboarding that removes access across platforms.
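The audit step of the lifecycle described above (ownership gaps, dormant agents spotted through lastAccessed, and certificate lifecycle) can be sketched as a check over agent records. This is an added example, not code from the draft or from the cited articles; the record layout, the status values, the certificate `notAfter` key and the 90-day threshold are assumptions.

```python
from datetime import datetime, timedelta, timezone

DORMANT_AFTER = timedelta(days=90)  # assumed policy threshold, not from the draft

# Constructed sample records. Field names follow the attributes named in the
# summary (name, owners, status, certificates, lastAccessed); the layout, the
# status values and the certificate "notAfter" key are assumptions.
SAMPLE_AGENTS = [
    {"name": "SupportGPT", "owners": ["it-ops@example.com"], "status": "active",
     "lastAccessed": "2025-11-01T09:00:00Z",
     "certificates": [{"notAfter": "2026-03-01T00:00:00Z"}]},
    {"name": "legacy-report-bot", "owners": [], "status": "active",
     "lastAccessed": "2025-05-10T12:00:00Z",
     "certificates": [{"notAfter": "2025-09-30T00:00:00Z"}]},
    {"name": "crm-sync-agent", "owners": ["sales-eng@example.com"],
     "status": "suspended", "certificates": []},
]

def _parse(ts):
    """Parse an RFC 3339 UTC timestamp such as 2025-11-01T09:00:00Z."""
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def audit_agent(agent, now):
    """Return a sorted list of finding codes for one agent record."""
    findings = set()
    if not agent.get("owners"):
        findings.add("NO_OWNER")            # nobody accountable for the agent
    if agent.get("status") == "active":
        last = agent.get("lastAccessed")
        if last is None:
            findings.add("NEVER_ACCESSED")  # provisioned but never used
        elif now - _parse(last) > DORMANT_AFTER:
            findings.add("DORMANT")         # active on paper, idle in practice
    for cert in agent.get("certificates", []):
        if _parse(cert["notAfter"]) <= now:
            findings.add("CERT_EXPIRED")    # credential past its lifetime
    return sorted(findings)

def audit(agents, now):
    """Map agent name -> findings, omitting agents with none."""
    report = {a["name"]: audit_agent(a, now) for a in agents}
    return {name: f for name, f in report.items() if f}

if __name__ == "__main__":
    as_of = datetime(2025, 11, 6, tzinfo=timezone.utc)
    for name, findings in audit(SAMPLE_AGENTS, as_of).items():
        print(f"{name}: {', '.join(findings)}")
```

Agents flagged as ownerless or dormant are the candidates for the suspension and deprovisioning steps of the lifecycle.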
Summary based on 2 sources
Sources

Security Boulevard • Nov 6, 2025
How SCIM Helps Automate User Provisioning for AI Agents
Security Boulevard • Nov 6, 2025
SCIM for AI: How the New IETF Draft Redefines Identity Management for Agents and Agentic Applications