Identiverse 2026 recap: agentic identity grows up, and passkeys get real

Identiverse, the largest vendor-neutral identity conference in North America, wrapped in Las Vegas earlier this month. A week of sessions across the full identity stack is a good barometer for where the industry actually is, as opposed to where the marketing says it is. Here is what stood out, and what it means for the people who have to build and run identity systems.

This is independent community coverage of the themes and direction of the event, not an official summary. For the conference profile, see Identiverse.

1. Agentic identity moved from panel topic to roadmap

A year ago, identity for AI agents was a thought experiment. At Identiverse 2026 it was everywhere, and the conversation had matured from "this is coming" to "here is how we are scoping, delegating, and revoking it." The core problem is now widely understood: an AI agent is neither a human nor a traditional service account. It acts on a person's behalf, chains tools together, and needs credentials that are scoped to a task, carry the delegation chain, are fully auditable, and can be killed instantly.

The practical takeaways echoed what we have written about non-human identity: inventory your agents and machine identities, default to short-lived scoped tokens over standing privilege, and log who an agent acted for on every call. Standards work around delegation and token exchange is racing to keep up with deployment.

2. Passkeys stopped being aspirational

The passkey conversation has crossed a line. Sessions were less about whether to adopt passkeys and more about the operational reality of doing it at enterprise scale: enrollment, account recovery, shared devices, and the long tail of legacy apps. The hard part, as practitioners kept repeating, is not the cryptography but recovery and enrollment, which is exactly where attackers like Scattered Spider strike. If you are planning a rollout, our passkey rollout checklist and MFA rollout playbook capture the sequence.

3. Deepfakes versus identity verification

The identity verification track had a sharper edge this year. AI-generated documents, synthetic faces, and injection attacks against remote proofing have moved from demo to real threat, and liveness and anti-injection defenses were a recurring topic. The arms race between generative AI and verification is now a permanent feature of the onboarding problem, especially for finance, crypto, and any high-assurance use case.

4. Session security and ITDR took center stage

With infostealers and session-token theft now a primary attack path, a lot of attention went to protecting the session, not just the login. Continuous evaluation, sender-constrained tokens, and identity threat detection featured heavily. The message lands with the data: "we have MFA" is an incomplete answer when the attacker rides a stolen session that was authenticated hours ago.

5. Verifiable credentials kept maturing

Decentralized identity is past its hype cycle and into grind. Pushed by eIDAS 2.0 and the W3C Verifiable Credentials Data Model, the wallet and reusable-credential conversation was concrete: interoperability profiles, real pilots, and the unglamorous problems of revocation, recovery, and trust frameworks.

The throughline

The unifying theme across all of it: identity is now the security control plane, and the center of gravity is shifting from authenticating humans to governing machines and agents. The organizations doing well are the ones treating identity as continuous and risk-based rather than a one-time gate, and extending the same rigor they apply to people to the fast-growing population of non-human identities.

If you want the conference details and our coverage approach, see the Identiverse profile. For the data behind these trends, see our research hub, and for the incidents that keep driving them, the breach teardowns.