← All posts

Choose Your Stack · Episode 1

Should You Still Build Software for Humans?

podcastagentsidentityauthorizationworkos

Michael Grinich, CEO of WorkOS, on building software in a world where AI agents are becoming the primary users — and why the decades-old permissioning model breaks down completely.

Choose Your Stack — Episode 1 thumbnail: Michael Grinich, CEO of WorkOS, with the pull quote “Build for agents first.”
Listen / watch
YouTube

Michael Grinich recording the first episode of Choose Your Stack at the MCP Dev Summit in New York City.

In our first episode of Choose Your Stack, recorded at the MCP Dev Summit in New York City, Ryo Koyama sits down with Michael Grinich, CEO and founder of WorkOS, to unpack what it actually looks like to build software in the AI era. As the authentication and enterprise infrastructure layer behind OpenAI, Anthropic, Perplexity, and Cursor, Michael has a front-row seat to what is changing — and what is breaking.

“The challenge I think is actually a governance problem — it’s authorization of what the thing can do. Agents are quite different in that when you spawn an agent to go do something, you don’t know what access it needs. It’s non-deterministic. With Agentic things, it’s totally the opposite. It needs wide-scope access to be able to discover things, but then you don’t want to give it access to actually mutate things, and it’s just a totally different permissioning model.”

Michael Grinich, CEO of WorkOS

Together, they explore why open-source is no longer just about distribution, how the shift from human users to AI agents is forcing developer platforms and infrastructure companies to rethink how they build, why agent identity is only half the problem, and why the agentic world requires a completely different permissioning model than what we have been doing for decades.

Michael Grinich on mic during the Choose Your Stack interview.

“Right now, people think about developers controlling agents, but pretty soon you’re literally going to have thousands of agents that companies have. And how do you manage that scale? Because it’s going to be multiple orders of magnitude above what’s out there today.”

Ryo Koyama, President of Parinita AI

The core security and governance challenge that necessitates Sovereign AI Infrastructure and an AI Fabric is that the non-deterministic nature of agent access breaks the decades-old, statically analyzed “least privilege” model. To solve this, the infrastructure itself must embed identity and policy — like Parinita’s identity-based networking — to enforce authorization in real time, rather than relying on brittle, after-the-fact credentials. This moves security and compliance from being bolted on to being built in.

Managing autonomous agents at massive scale requires non-traditional infrastructure for agent-to-agent (A2A) communication and autonomous scaling. This is why Parind Parekh founded Parinita AI, the first Agent Native Cloud built for ephemeral workloads at the edge.

Key takeaways from the episode

  • WorkOS sits behind every major AI app you’ve used. If you have logged into OpenAI, Anthropic, Perplexity, or Cursor, you have logged in through WorkOS. WorkOS helps software companies go enterprise-ready, starting with authentication and extending into provisioning, permissions, logging, and fraud detection.

  • Open source is no longer just about distribution. It’s about product efficacy. If your interface is not in the model pre-training data, agents will not write to it well. Michael uses Radix, WorkOS’s open-source component library, versus Retool’s proprietary UI system as a direct example of what that gap looks like in practice.

  • Products need to be built for agents, not just humans. Over the past year, WorkOS has prioritized making it easier for agents to integrate their software via the llms.txt standard, Claude Skills, and most recently a new CLI that lets an agent sign up and configure an environment with no human account required. The shift is from human-first augmented with agents, to agent-first, human-second.

  • Agent identity and access management is unsolved. Tools like web bot auth and cryptographic stamps solve for web scrapers, but if an agent is acting on your behalf to go do a task, a stamp that proves it exists tells you nothing about what it is actually allowed to do. And systems like Okta and Active Directory, built to manage humans, are going to need to be rebuilt to manage the 1000x more agents that are coming.

  • The traditional permissioning model breaks down with agents. With traditional systems, you can statically analyze a process and lock in what permissions it needs. Agents are the opposite. They need a wide scope of access to discover things, but constrained access so they can’t mutate things. Yet people are still assuming the solution looks more similar to the old way than it actually does.

Chapters

  • 0:00 — Intro
  • 0:16 — What is WorkOS
  • 1:15 — What has the AI transition looked like from your seat over the past two years?
  • 3:21 — Closed source vs. open source and training AI agents
  • 4:51 — Building for agents first, humans second
  • 7:53 — Is auth moving deeper into the stack?
  • 11:46 — AI hot take: what is everyone getting wrong about agent identity?