As companies deploy AI agents in production environments, traditional identity systems are being tested in new ways. These agents can act on behalf of users, interact with multiple third-party services, and require audit trails for every action, behaviors that don’t fit neatly into existing identity and access management (IAM) pricing models. Cloud providers are starting to adapt, and AWS’s Amazon Bedrock AgentCore Identity is one example: it introduces usage-based models and identity features tailored to agentic AI. AWS has positioned the product as a foundation for businesses to move beyond prototypes and securely deploy AI agents in production environments.
Rahul Sharma, Senior Product Manager – Technical at AWS, helped define this direction by working on product concept, usage metrics, and leadership alignment to support adoption. He oversaw the product design, monetization, and go-to-market strategy, wrote the product and pricing proposal, ensured alignment of the engineering, finance, and business teams, and presented the framework to AWS senior management.
Most customer identity and access management (CIAM) platforms are priced around the number of monthly active users or licensed seats. AI agents behave differently. They can run continuously, in short bursts, or be triggered by system events rather than human actions. A single agent may also require extensive access to multiple tools, such as GitHub, Slack, or Salesforce, creating new considerations around consent, permissions, and cost allocation.
AgentCore Identity is designed to fill these gaps. It provides inbound authentication controls to determine who can call an agent, outbound authentication for which services an agent can access, and a secure token vault to manage OAuth tokens and API keys. It also supports delegated and machine-to-machine OAuth 2.0 flows, fine-grained access policies, and audit logging for compliance. By applying the principle of least privilege and enabling durable credentials that can be revoked or audited, the service introduces enterprise-grade protections aligned to specific agent behaviors.
With few well-defined or established models to draw on, the business framework for agent identity had to be created from scratch. The pricing approach focused on metrics that directly reflect consumption, such as token or API key retrievals from the vault when agents connect to non-AWS services. This design allowed organizations to charge for use of the agent identity product, tracking the actual work done by agents rather than approximations such as the number of users.
Sharma led the effort to define this framework, working with engineering, finance and security teams to test hypotheses. He modeled infrastructure costs and analyzed real-world agent workflows to ensure pricing was aligned with business economics. He collaborated with customer-facing groups to validate that the model made sense in real-world scenarios, not just on paper.
This approach helps minimize early adopter concerns by avoiding upfront commitments or minimum fees, and instead offering pay-as-you-go pricing for requests for tokens and API keys. For customers exploring new agent workloads, this flexibility reduces financial risk while ensuring transparency.
Once the framework was established, Sharma worked with cross-functional teams, including peers and leaders, to move from proposal to launch. This included defining integration with existing identity providers, ensuring the token vault met encryption and auditing standards, prioritizing which flows to support at launch, and helping design the API for easier developer adoption. AWS introduced AgentCore Identity in public preview in July 2025 as part of the broader Amazon Bedrock AgentCore announcement.
The development process also required AWS teams to test hypotheses about how often agents would invoke downstream tools, what limits should be applied to prevent service abuse, and how the identity could remain compatible with existing IAM and CIAM systems. By reconciling these operational considerations with a sustainable business model, Sharma helped position Bedrock AgentCore Identity as a production-ready service.
Customers are billed for non-AWS resource token or API key retrievals, with transparent billing that reflects consumption. In scenarios where AgentCore Identity is used through AgentCore Runtime or Gateway, fees do not apply, reducing friction for first-time customers.
Public documentation and coverage have highlighted AgentCore Identity’s ability to secure agent interactions with AWS and external services, maintain audit trails when agents need to access AWS services, and integrate with existing identity providers, including Amazon Cognito, Okta, and Microsoft Entra ID. Preliminary pricing documents from AWS emphasize transparency, showing the number of token/API key retrievals and consumption levels, which has given businesses confidence when evaluating the service.
The product’s inclusion in the AWS NY Summit keynote highlighted its importance within AWS’s agentic AI portfolio. Analysts noted that the lack of dedicated identity solutions has slowed the adoption of AI agents in sensitive enterprise environments. By combining security, governance, and a clear business model, Bedrock AgentCore Identity aims to establish a framework that enterprises can trust as they scale their agent deployments.
AI agent identity is an emerging category, and clarity of the business model can serve as a catalyst for enterprise adoption. By directly tying costs to measurable agent activity, AWS provided a transparent way for customers to experiment without making a large commitment.
The AgentCore Identity model demonstrates how pricing and packaging, as well as functionality, can be important considerations in determining how companies bring new identity paradigms into production. As providers introduce their own approaches, the debate over how to value agent activity – and charge for it – may shape the trajectory of this industry as much as the technical capabilities themselves.






