Yubico and Delinea have unveiled a joint integration aimed squarely at one of agentic AI’s most pressing security blind spots: the accountability gap between identifying an AI agent and proving that a verified human authorised its actions.

At the core of the partnership is the introduction of Yubico’s Role Delegation Tokens (RDTs)—a hardware-backed cryptographic authorisation mechanism anchored in YubiKey devices—into the Delinea Platform.

Combined with StrongDM’s runtime authorisation capabilities and StrongDM ID, a new identity layer designed specifically for AI agents, the integration establishes a more complete and enforceable trust framework.

The move follows Delinea’s acquisition of StrongDM, bringing together Privileged Access Management with just-in-time runtime authorisation across both human and machine identities.

Within this unified architecture, Yubico’s RDTs provide a hardware root of trust, enabling organisations to create a verifiable chain of accountability that directly links human intent to autonomous AI execution.

“The hard problem in agentic AI security is accountability: can you prove a specific human approved a high-consequence action?” said Albert Biketi, chief product and technology officer at Yubico.

“Hardware attestation without runtime enforcement is a signature with no enforcement point.” said Biketi

“Runtime enforcement without hardware attestation is a policy gate with no proof of human presence. This integration with Delinea solves both sides.” he said.

Bridging the Accountability Gap: Hardware-Backed Human Authorisation Meets AI Runtime Enforcement

AI coding agents now generate, review, and commit code with increasing autonomy. AI operations agents interact with infrastructure, databases, and enterprise workflows.

These agents are the fastest-growing class of non-human identities in enterprise environments – and existing security models were not designed to govern them.

Identity platforms can authenticate agents and enforce access policy, but because software can be impersonated, replayed or automated, software-based controls alone cannot reliably prove a specific human physically approved a specific action.

Hardware security keys can prove a human is present, but on their own they cannot enforce policy, manage AI agent identities, or scale access controls. Until now, no solution has seamlessly connected these two capabilities.

Delinea bridges that gap with centralised identity governance, just-in-time runtime authorisation powered by StrongDM, and StrongDM ID, which provides verifiable AI agent identities linked to human sponsors.

It also enabled organisations to discover, govern, and authorise access for every human and non-human identity across cloud, hybrid, and on-premises environments.

Yubico adds a hardware-attested layer of human authorisation through Role Delegation Tokens (RDTs) signed by YubiKey, offering cryptographic proof that a specific, physically present human approved a defined action.

When an agentic workflow reaches a high-stakes decision point—such as a production deployment, privileged configuration change, or sensitive data operation—it cannot proceed without human approval.

A verified user must sign an RDT envelope with their YubiKey, directly linking human intent to AI execution.

Key capabilities of the new integration include:

• End-to-end accountability for AI Software Factory workflows – from code generation through human-gated deployment
• Hardware-attested proof of human authorisation for high-consequence agentic actions
• Unified governance across human, machine and AI identities with YubiKey-backed escalation gates
• Comprehensive audit trails binding every critical automated action to a verified human approver

“AI agents are quickly becoming one of the fastest-growing classes of identities in enterprise environments, yet most organisations lack the controls and accountability needed to govern what those identities can do,” said Phil Calvin, chief product officer at Delinea.

“By combining Delinea’s identity governance and runtime authorisation with Yubico’s hardware-backed human authorisation, we create a trusted chain of control that ensures every high-risk action performed by an AI agent can be traced back to a verified human decision.” he said.

The RDT integration with the Delinea Platform will be available for early access customers beginning Q2 2026.

Yubico and Delinea will demonstrate the integration live at RSA Conference 2026, March 23–26, at the Moscone Center. Visit the Yubico booth to see hardware-attested agentic AI authorisation in action.