AI agents are emerging as the next computing platform, reshaping how software works at its core. For the first time, systems can act on our behalf. This transformation will redefine how we work across every digital surface. But with it comes a massive new security challenge.
In recent weeks, we’ve already seen AI agents go rogue or leak sensitive data due to weak identity infrastructure – a preview of what happens when autonomy outpaces trust. The digital identity infrastructure we rely on today was built for humans clicking buttons, not for autonomous agents spawning by the thousands, operating across organizations, and requiring new permissions every few seconds. The result is a structural mismatch between how our systems authenticate and how agents actually behave.
Every company experimenting with agents faces the same seemingly wicked trilemma:
- Make permissions too permissive and risk serious exposure. Giving agents broad access creates massive, unpredictable attack surfaces.
- Lock down access and stifle innovation. Restricting access makes agents safe but useless.
- Build custom infrastructure. Burning months of engineering time on brittle, unscalable systems for each new use case.
This is not a new problem. It is the culmination of years of underinvestment in machine identity. AI agents have simply exposed the fragility of an architecture that was never meant to handle autonomy, ephemerality, and delegation at scale.
Keycard is building the missing trust fabric for this new world. Instead of static secrets and API keys, Keycard issues dynamic, identity-bound, task-scoped tokens: cryptographic “keycards” that carry verifiable proof of who the agent is, what it is allowed to do, and for whom. Access is granted and revoked in real time and enforced at runtime, and it always remains fully auditable.. This simple but profound shift, from static identity (who you are) to dynamic intent (what you are doing right now), finally makes safe, autonomous delegation possible.
We have known Ian Livingstone, Keycard’s cofounder and CEO, for a long time. As host of the Infra Pod, Ian has been one of the most thoughtful voices in the infrastructure world. We’ve always admired his ability to see around corners. Alongside Matt Creager, who built and scaled the developer platform at Snyk from $30M to $300M ARR, and Jared Hanson, creator of Passport.js and former Chief Architect at Auth0, the founders combine deep infrastructure experience, a strong sense of developer-first design, and the identity expertise required to build foundational infrastructure for the next era of the internet.
The team is contributing to open standards such as MCP, WIMSE, and OAuth extensions for agents, and has already delivered the first production implementation of OAuth 2.1 Client ID Metadata Documents. By extending open protocols and ensuring interoperability with major platforms like OpenAI, Anthropic, and Microsoft, Keycard is positioning itself as a foundational layer of the agent economy. This is the Auth0 moment for agent access.
We are proud to partner with Ian, Matt, Jared, and the Keycard team as they build the identity layer for the agent economy. This is the missing piece that will finally allow AI agents to move safely from pilot to production.
-
Zane Lackey is a General Partner at Andreessen Horowitz where he focuses on DevOps, cybersecurity, and enterprise infrastructure.
-
Yoko Li is a partner at Andreessen Horowitz, where she focuses on enterprise and infrastructure.
-
Joel de la Garza is a partner focused on information security related investments and other chaos adjacent businesses.
- Follow
-
Malika Aubakirova is an investor on the AI Infrastructure team at a16z.
