
Lessons Learned from the Salesloft Drift Incident 

October 2025 / 6 min. read / Britive Team


The Salesloft Drift incident reported in August showed how quickly trust can be abused when OAuth tokens tied to a third-party chatbot integration were stolen and then used to query SaaS APIs at scale. 

Multiple organizations reported data exfiltration from CRM objects, and tokens were subsequently revoked while investigations proceeded. If you want a deeper technical timeline, Cloudflare, Google Threat Intelligence, and Salesforce each published useful summaries.  

We’ve discussed the issues associated with broadly permissioned, static OAuth tokens when it comes to securely managing AI workflows, and this incident highlights one of their greatest potential risks.  

Once a token is compromised, an attacker’s API calls are virtually indistinguishable from legitimate traffic. 

This wasn’t just a token problem, but an identity and permissions problem. The chatbot integration was trusted with: 

  • Over-broad scopes (e.g., “full” access to many objects and actions). 
  • Long-lived access (refreshable tokens + no natural expiry of permission). 
  • Always-on automation (chatbots/agents granted standing privileges “just in case”). 

Next Steps and Best Practices to Secure All Identities 

Whether or not your organization was directly impacted by Drift, now is a good time to review the security of any AI-powered and other SaaS integrations in your environment. 

Here are some steps that your team can use as a starting point to review access management quickly: 

  1. Revoke & Rotate 
    Review and revoke any stale or overly permissive tokens, and rotate API keys, passwords, and other secrets. If your organization was affected by the compromise, the FBI Flash alert has guidance on recommended mitigations.
  2. Right-Size Permissions Scopes 
    Replace any blanket-scoped permissions with the minimum objects/actions required. Remove “API Enabled” permissions from base profiles and grant this access via permission sets to the select roles that truly need it—and only when they need it. 
  3. Review Event & Audit Logs 
    Look for unusual bulk exports, unexpected connected-app activity, atypical user-agents/origins. Use these to identify any affected objects or records and take action accordingly. 
  4. Tighten App/IP Restrictions 
    Use connected-app IP allowlists where supported to define login IP ranges for profiles. Deny unknown origins by default to prevent exploitation of tokens or credentials by unauthorized users. 

Strengthening the Identity and Access Perimeter 

After verifying that access is currently secure, the focus should shift to implementing a strategy that fortifies access security by design. 

This means focusing on identities (and their associated permissions) as the perimeter, moving away from blanket access to adopt a more dynamic, granular, and comprehensive approach to access management. 

Treat integrations for AI agents as first-class identities 

Register an individual identity for each AI agent or integration, assign ownership, define purpose, and manage lifecycle for every identity in your environment. Clear ownership drives better scopes and shorter lifetimes to improve visibility and access management. 

Enforce runtime authorization 

Replace “always-on” privileges with just-in-time authorization. Permissions should be created at runtime and scoped precisely to what’s needed. These permissions should automatically be revoked upon task completion or expiration of time to live (TTL), enforcing Zero Standing Privileges (ZSP) by default and keeping the blast radius small. 

Establish guardrails for AI identity security 

Require on-behalf-of boundaries (an agent can act only within the human sponsor’s privilege perimeter). Use tool allowlists and approvals so agents call only approved APIs, under specific conditions, for a limited time. 

Limit token viability with additional controls 

Strategies like Demonstrating Proof-of-Possession (DPoP) combined with IP and network conditions limit how access tokens can be used by unauthorized users. Ephemeral access tokens that are dynamically scoped and created at runtime with a short window of expiration can similarly prevent unauthorized use and access. 

Unified visibility to see, decide, and revoke access quickly 

Centralized identity-level telemetry (showing access data around who/what/when/why/how long) connected to SIEMs, SOARs, and other security software can aid in automatic privilege tear-down. If an integration behaves unexpectedly, revoke access first and then investigate with evidence intact. 

The Key to Security? Access Strategies That Can Adapt 

As AI-driven integrations and the SaaS-based supply chain continue to grow, managing access across these tools and identities in your environment will only continue to be top of mind for security leaders. 

Giving access only when it's needed, scoped to the smallest possible action and length of time, with automatic revocation, is key to minimizing the blast radius without impacting operations. Securing every identity (human, NHI, and agentic AI) across cloud, SaaS, hybrid, and on-prem is crucial to leaving the risk of standing privileges behind. 

If you're curious to see how this maps to your top apps, agents, or other use cases, schedule time to meet with the team and we’ll walk through a few live patterns. 
