User Experience (UX)

Q1: How do we handle delegation for shared accounts?

Shared accounts are a governance trap: you lose accountability and invite over-privilege.

Safer approach:

  • Replace “shared user” with “shared resource.” Keep individual identities, then grant access to a shared workspace/project via relationships (groups/teams) and enforce via graph authorization (Zanzibar-style).

  • If a shared account is unavoidable: force strong step-up, strict time-bounds, and per-action logging with explicit delegation_id and approver_id.


Q2: Can we revoke delegation instantly while an agent is active?

Yes. Design for revocation as a real-time control, not a scheduled cleanup.

Mechanisms:

  • Token revocation endpoint: revoke access/refresh tokens and related tokens tied to the same grant.

  • Token introspection: resource servers check whether the token is still active at request time (works best with opaque tokens).

  • Near-real-time session attenuation: use shared-signal patterns (CAEP/SSF) where receivers respond to security events quickly.

Practical “instant revocation” recipe:

  • Make access tokens short-lived

  • Use introspection or continuous evaluation for sensitive tools

  • Maintain a fast deny-list keyed by delegation_id


Q3: How do we enforce "step-up" authentication before delegation?

Treat delegation as a privileged operation and require step-up based on risk.

Implementation patterns:

  • Step-up if: new device, new region, high-impact tool, privileged data class, high spend, or long delegation duration.

  • Prefer phishing-resistant methods for step-up where possible (passkeys/FIDO2 are a common modern baseline).

  • Record “step-up satisfied” as a time-bound flag tied to the delegation grant (e.g., valid for 10 minutes).
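The Q2 revocation recipe and the Q3 time-bound step-up flag are both decisions a resource server makes on every agent request. The following is an added example (not LoginRadius code or a LoginRadius API): a constructed grant type, a deny-list keyed by delegation_id, and an authorize() check that enforces token expiry, revocation, scope and a 10-minute step-up window; the field names and tool names are assumptions.

```python
import time
from dataclasses import dataclass
from typing import Dict, FrozenSet, Optional, Tuple

# Per the article: a satisfied step-up is a time-bound flag (here 10 minutes).
STEP_UP_VALIDITY_SECONDS = 10 * 60

@dataclass(frozen=True)
class DelegationGrant:
    """Claims a short-lived access token carries for an agent acting for a user (constructed)."""
    delegation_id: str
    user_id: str
    agent_id: str
    exp: float                          # token expiry, epoch seconds
    scopes: FrozenSet[str]
    step_up_at: Optional[float] = None  # when step-up was satisfied, or None

class DenyList:
    """Fast deny-list keyed by delegation_id. A revoke() is visible to the very next
    request, even though the token itself has not expired yet."""
    def __init__(self) -> None:
        self._denied: Dict[str, Tuple[float, str]] = {}

    def revoke(self, delegation_id: str, reason: str, now: Optional[float] = None) -> None:
        self._denied[delegation_id] = (time.time() if now is None else now, reason)

    def is_revoked(self, delegation_id: str) -> bool:
        return delegation_id in self._denied

def authorize(grant: DelegationGrant, tool: str, denylist: DenyList, now: float,
              step_up_tools: FrozenSet[str] = frozenset()) -> Tuple[bool, str]:
    """Decide one agent action. Evaluated on every request (continuous evaluation),
    so revocation and step-up expiry take effect mid-session. Returns (allowed, reason)."""
    if now >= grant.exp:
        return False, "token_expired"
    if denylist.is_revoked(grant.delegation_id):
        return False, "delegation_revoked"
    if tool not in grant.scopes:
        return False, "scope_not_granted"
    if tool in step_up_tools:  # high-impact tool: require a fresh step-up
        if grant.step_up_at is None or now - grant.step_up_at > STEP_UP_VALIDITY_SECONDS:
            return False, "step_up_required"
    return True, "ok"

if __name__ == "__main__":
    t0 = 1_700_000_000.0  # constructed clock value
    g = DelegationGrant("dlg-42", "alice", "agent-7", exp=t0 + 3600,
                        scopes=frozenset({"read_calendar", "send_payment"}), step_up_at=t0)
    dl = DenyList()
    print(authorize(g, "send_payment", dl, t0 + 60, frozenset({"send_payment"})))
    dl.revoke("dlg-42", "user_clicked_revoke", now=t0 + 61)
    print(authorize(g, "read_calendar", dl, t0 + 62))
```

Because the deny-list check runs on every request, a user-initiated revoke is honoured within one request even though the access token is still within its lifetime.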


Q4: How do we detect "MFA Fatigue" attacks triggered by agents?

“MFA fatigue” (push bombing) is a real risk when agents or automations can trigger repeated auth challenges.

Detection signals:

  • High-frequency push prompts for a single user within a short window

  • Repeated prompts with no successful primary auth or unusual IP/device

  • Prompts triggered by an agent outside its normal intent/tool boundaries

Mitigations that work:

  • Number matching for push to prevent blind approvals (CISA recommends it as a defense against push fatigue).

  • Rate-limit step-up prompts per user + per agent + per delegation.

  • Require “why” context in the prompt (show the triggering action/intent).

  • Use phishing-resistant factors for sensitive flows (reduce dependence on push).

  • LoginRadius has a clear overview of push-bombing mechanics and prevention concepts if you want a customer-friendly explainer.
