Joint integration combines hardware-rooted human authorization with Delinea’s runtime authorization and identity governance capabilities powered by StrongDM to create an end-to-end accountability chain for AI Software Factories and agentic operations
SAN FRANCISCO, CA – March 19, 2026 – Yubico (NASDAQ STOCKHOLM: YUBICO) and Delinea today announced a joint integration that closes a critical gap in agentic AI security: the accountability gap between knowing who an AI agent is and proving that a verified human authorized what it did. The integration enables Yubico’s Role Delegation Tokens (RDT) – a cryptographic authorization primitive backed by YubiKey hardware – to be used within the Delinea Platform alongside StrongDM’s runtime authorization capabilities, and StrongDM ID, the new identity layer purpose-built for AI agents.
Following Delinea’s completion of its StrongDM acquisition, the combined platform unifies Privileged Access Management with just-in-time runtime authorization across both human and non-human identities. Yubico’s RDT adds a cryptographic hardware root of trust to this architecture, allowing organizations to establish a verifiable chain of accountability between the human who authorizes an action and the AI system that executes it.
“The hard problem in agentic AI security is accountability: can you prove a specific human approved a high-consequence action?” said Albert Biketi, chief product and technology officer at Yubico. “Hardware attestation without runtime enforcement is a signature with no enforcement point. Runtime enforcement without hardware attestation is a policy gate with no proof of human presence. This integration with Delinea solves both sides.”
The Accountability Gap: Runtime Policy Enforcement Meets Hardware-based Human Authorization
AI coding agents now generate, review, and commit code with increasing autonomy. AI operations agents interact with infrastructure, databases, and enterprise workflows. These agents are the fastest-growing class of non-human identities in enterprise environments – and existing security models were not designed to govern them.
Identity platforms can authenticate agents and enforce access policy, but because software can be impersonated, replayed or automated, software-based controls alone cannot reliably prove a specific human physically approved a specific action. Hardware security keys can verify human presence, but a token alone cannot evaluate policy, manage agent identities, or enforce access controls at scale. Organizations need both – and until now, no integration has connected them.
Delinea provides centralized identity governance, JIT runtime authorization powered by StrongDM, and – through StrongDM ID – verifiable agent identities linked to human sponsors, enabling organizations to discover, govern, and authorize access for every human and non-human identity across cloud, hybrid, and on-premises environments.
Yubico provides hardware-attested human authorization through Role Delegation Tokens signed by YubiKey – cryptographic proof that a specific, physically present human approved a specific action with defined scope and constraints.
When an agentic workflow reaches a high-consequence decision point – such as a production deployment gate, a privileged configuration change, or a sensitive data operation – the integration requires a verified human to authorize the action by signing an RDT envelope with their YubiKey before the workflow proceeds.
Key capabilities of the new integration include:
- End-to-end accountability for AI Software Factory workflows – from code generation through human-gated deployment
- Hardware-attested proof of human authorization for high-consequence agentic actions
- Unified governance across human, machine and AI identities with YubiKey-backed escalation gates
- Comprehensive audit trails binding every critical automated action to a verified human approver
“AI agents are quickly becoming one of the fastest-growing classes of identities in enterprise environments, yet most organizations lack the controls and accountability needed to govern what those identities can do,” said Phil Calvin, chief product officer at Delinea. “By combining Delinea’s identity governance and runtime authorization with Yubico’s hardware-backed human authorization, we create a trusted chain of control that ensures every high-risk action performed by an AI agent can be traced back to a verified human decision.”
The RDT integration with the Delinea Platform will be available for early access customers beginning Q2 2026. Yubico and Delinea will demonstrate the integration live at RSA Conference 2026, March 23–26 at the Moscone Center. Visit the Yubico booth to see hardware-attested agentic AI authorization in action.
