AiThority Interview with Rishi Bhargava, Co-Founder of Descope

Rishi Bhargava, Co-Founder of Descope shares more about the impact of AI agents across key business functions in this catch-up with AiThority:

_________

Can you please tell us about yourself and more about your SaaS journey so far?

Over the past two decades, I’ve had the opportunity to work across product, strategy, engineering, and go-to-market roles in both startups and large enterprises. I co-founded Demisto, which grew into a SOAR market leader before being acquired by Palo Alto Networks. After that, I served as VP of Product Strategy at Palo Alto Networks, where I focused on scaling security solutions.

Descope is the second company I’ve co-founded with the same core team. We launched it to simplify authentication for developers and users alike, removing friction, enhancing security, and giving teams more control over identity. Our journey in SaaS has always been about solving real-world problems with pragmatic, practitioner-first solutions – and that continues to guide our work at Descope today.

Also Read: AiThority Interview with Yuhong Sun, Co-Founder of Onyx

We’d love a brief breakdown of Descope’s new Agentic Identity Hub: quick pointers on how it enables end users?

We’ve been hearing two questions from technology and security leaders over the past few months: how do enterprises become AI-ready, and how do AI systems become enterprise-ready? We built the Agentic Identity Hub to help answer these questions by solving authentication, authorization, and identity management challenges faced by AI developers.

I’d like to highlight three capabilities here. 

• Inbound Apps, which helps any app become an OAuth identity provider to securely expose their APIs to AI agents.
• Outbound Apps, which helps AI agents easily connect with 50+ external tools without the hassle of manual token management and storage.
• MCP Auth SDKs, which help remote MCP servers become OAuth-compliant in three lines of code.

Why do so many organizations still struggle to integrate AI agents into their existing workflows and systems? What tips would you share to make this workflow easier?

A major challenge is that most enterprise systems weren’t designed with AI agents in mind. These agents typically interact via APIs rather than user interfaces, which requires a different approach to identity, authentication, and access control. Developers also often need to manually integrate agents with each tool they use, which becomes time-consuming and error-prone to maintain at scale. In many cases, organizations lack the expertise in standardized protocols or infrastructure to manage this complexity, leading to integration delays and security concerns.

To address this, organizations should adopt open identity standards (like OAuth) and ensure systems support scoped, consent-based access. Organizations should also think deeply about applying fine-grained authorization to their APIs to avoid giving AI agents “too much agency” by sharing more permissions than they need.

What are some of the common critical identity infrastructure gaps that plague organizations today?

Many organizations still rely on outdated identity models that weren’t built to handle the scale and autonomy of modern AI systems. A few common gaps include limited visibility into governing autonomous machine identities, a lack of fine-grained permission controls, and insufficient mechanisms for user consent or access revocation in an agentic context. A lot of times, identity infrastructure is fragmented across systems, making it difficult to coordinate access policies or enforce consistent security standards.

A foundational issue is that access controls tend to be overly broad or static – tied to just roles rather than context or what task the agent needs to perform. This eventually becomes problematic when AI agents operate across multiple services or on behalf of users, where more dynamic and granular access is needed.

Also Read: AiThority Interview with Dr. William Bain, CEO and Founder of ScaleOut Software

As AI agents evolve and start empowering more areas of businesses, what should company leaders keep in mind when deploying and using new systems?

Leaders should approach AI deployment with even more rigor they apply to human user access. That means making sure that every AI agent has a clearly defined identity that’s linked to the human using the AI agent, providing limited and purpose-specific access, and having visibility into what actions it’s taking. Consent and accountability mechanisms should be built in from the start, especially as agents interact with sensitive systems or act on behalf of users.

It’s also critical to think beyond the user experience and consider the “agent experience,” guaranteeing agents have stable APIs, reliable documentation, and secure, standardized ways to interact with systems. Finally, supporting developers with tools that abstract complex authentication tasks can prevent bottlenecks and reduce security misconfigurations as adoption grows.

A few thoughts on the future of AI and its impact across industries in a nutshell before we wrap up?

I see a few big shifts ahead. First, today’s basic permission models won’t cut it. AI systems that can generate code, access sensitive data, and interact with users need context-aware authorization to stay secure. Second, user experience will be a key differentiator. As more apps embed AI, the ones that succeed will make security seamless, not obstructive. And third, I believe is the year MCP will start having widespread impact in how agent-to-app connectivity is standardized and secured.

[To share your insights with us, please write to psen@itechseries.com]

[/vc_column_text][/vc_column][/vc_row]