1Password identity security platform has grown its capabilities after acquiring Apono, an innovator in just-in-time access governance for humans, machines, and AI agents. The acquisition makes 1Password’s ability to control and manage access across enterprise environments stronger
1Password Acquires Apono, which focuses on providing secure, real-time access management. The technology grants access only when required, limits permissions based on specific tasks, continuously monitors activity, and automatically removes access after completion.
Together, 1Password and Apono aim to advance the vision behind 1Password® Unified Access. The platform provides a single control layer for managing human, machine, and AI agent identities.
The solution connects identity credentials with runtime access decisions. As a result, organizations can maintain secure access control across modern enterprise environments.
1Password has built an identity security platform trusted by more than 180,000 businesses. Also, over 1 million developers rely on the company to protect credentials, secrets, and critical system access.
1Password Expands Identity Security for AI-Driven Enterprises
The rapid adoption of AI agents has created new identity security challenges. Traditional enterprise identity systems were designed before AI and often operate across separate security environments.
However, organizations now require unified identity governance for humans, machines, and AI agents. Without proper controls, AI systems may gain excessive permissions and increase security risks.
The acquisition of Apono allows 1Password to combine separate identity management processes into one unified control plane. Therefore, businesses can govern what each identity can access, when access is allowed, and how long permissions remain active.
Every identity type receives only the permissions required for a specific task. Moreover, organizations receive complete audit records of every access activity.
“Today’s identity systems govern the entry, but not the stay. They decide who gets in, then lose sight of what an identity does once it’s inside,” said David Faugno, CEO of 1Password. “Agentic workflows have exposed how fragmented enterprise identity really is, built in silos for a world before AI. Companies can’t capture the full value of their AI investments when agents are reaching critical systems through credentials nobody is governing. By combining Apono’s just-in-time provisioning and intent-based policy enforcement with 1Password’s zero-knowledge vault and Credential Broker, we’re delivering the answer: unlocking the highest-value AI use cases while keeping people in control.”
Identity Security for the Agentic Enterprise
Apono improves identity security by evaluating every access request individually. Instead of depending on permanent accounts, the platform reviews requests based on policies and business requirements.
It then creates the required account, role, or permission for a limited period. Once the task finishes, the system automatically removes access.
This just-in-time access governance approach eliminates unnecessary standing privileges. Additionally, it helps security teams reduce risks while simplifying access management.
The same security model applies to people, service accounts, and AI agents. AI agent access remains connected to the human who approved the activity and follows the purpose of the assigned task.
Apono provides access management across cloud platforms and critical resources. These include Amazon Web Services (AWS), Microsoft Azure, Google Cloud, Kubernetes, Snowflake, and Databricks.
Also, the platform integrates with more than 200 enterprise applications. These include Slack, Jira, PagerDuty, and GitHub.
Users can request access directly through existing tools. For example, engineers can access production databases, IT administrators can provide temporary contractor access, and sales teams can receive limited Salesforce permissions for specific tasks.
Technical teams can also create access policies through Apono’s API and Terraform. Every request, approval, access grant, and revocation is recorded through a centralized audit trail.
For AI agents, Intent-Based Access Control ensures human oversight. The system compares declared intent with actual agent behavior.
If an AI agent performs actions outside the approved purpose, the system can reduce or remove access automatically. This approach helps organizations verify autonomous access instead of assuming trust.
“Standing access is the quiet liability inside almost every company: permissions granted once and never taken back,” said Rom Carmel, co-founder and CEO of Apono. “We built Apono to remove access the moment the work is done: scoped to exactly what the task needs, for every engineer, knowledge worker, service account, and AI agent, decided at runtime based on context and intent. Done right, security stops being the thing that slows people down and becomes the thing that lets them move, including how confidently they can put AI to work. With a shared vision of seamless secure access across every identity, we are excited to be joining 1Password and define what access governance looks like when AI agents run in production.”
Moving From Credential Security to Access Governance
Credential security and access governance address the same challenge. Organizations need to ensure that every identity receives only necessary permissions at the right time. The acquisition of Apono strengthens 1Password Unified Access. The platform helps organizations discover, secure, and monitor human, machine, and AI agent identities.
Alongside the acquisition announcement, 1Password introduced the 1Password Credential Broker. The product is currently available in private beta. The Credential Broker begins with GitHub Actions workload identity. It will expand support across human identities, machine workloads, and AI agents over time.
The technology keeps credentials protected inside 1Password’s zero-knowledge vault. It releases approved credentials, tokens, or federated access only to verified users when needed. This prevents long-term secrets from being stored in applications, repositories, or development pipelines.
The Credential Broker protects credential security, while Apono manages identity permissions and access duration. Together, both solutions extend Unified Access from password management to zero-standing-privilege access governance.
With 1Password Unified Access, organizations can discover human and non-human identities across applications. Also discover infrastructure, devices, and AI systems while identifying unused accounts and excessive permissions. Secure credentials, secrets, and access through just-in-time controls for humans, machines, and AI agents. Govern and audit access requests, approvals, and activities through a unified audit trail with complete context.
“As organizations accelerate adoption of cloud infrastructure, machine identities, and AI agents, the number of privileged identities is growing dramatically, creating demand for solutions that eliminate standing privileges and can govern access in real time,” said Duncan Brown, Group Vice President, Worldwide Security Products, IDC. “By combining credential security, machine identity protection, and just-in-time zero-standing-privilege access, 1Password is uniquely positioned to help organizations secure the next generation of human and non-human identities.”
1Password Acquires Apono marks a significant step toward improving identity security for modern enterprises. The combined platform helps organizations adopt AI technologies while maintaining stronger access controls and security governance.
To explore how Security Operations Centers (SOC) play a crucial role in defending against modern cyber threats, read our latest SOC News.
Source: Businesswire
