Zero standing privileges (ZSP).
Zero standing privileges (ZSP) means no identity holds usable access between tasks — permissions and credentials are granted just-in-time for a specific action and revoked the moment it completes. It goes a step beyond least privilege, which minimizes standing access but still leaves some in place; ZSP reduces standing access to zero, so a stolen credential grants nothing while it is not actively in use. ZSP is becoming foundational for AI agents and other machine identities, whose always-on standing tokens are a new category of risk.
Key takeaways
- ZSP means no usable access between tasks — granted just-in-time, revoked the moment the task ends.
- It goes beyond least privilege (which leaves standing access); a stolen credential grants nothing when idle.
- Delivered through just-in-time access, ephemeral vaulted credentials, and runtime policy.
- Highest payoff for privileged accounts and AI-agent identities.
Least privilege vs Zero standing privileges.
| Dimension | Least privilege | Zero standing privileges |
|---|---|---|
| Standing access | Minimized, but present | None between tasks |
| Grant | Durable, scoped to a role | Ephemeral, scoped to a single task |
| Compromise window | Any time the credential exists | Only during an active, authorized task |
| Revocation | Manual / periodic review | Automatic when the task ends |
| Best fit | Human roles, baseline hygiene | Machine + AI-agent identities, privileged access |
Why least privilege is not enough for agents
Least privilege says "give each identity only the permissions it needs." Good — but those permissions still sit on the identity permanently, so a leaked token or a hijacked agent is immediately useful to an attacker. For human employees that residual risk is manageable. For AI agents that may hold dozens of tool credentials and run unattended, standing access is an always-on liability multiplied across every agent.
ZSP closes that window. The identity holds nothing by default; when it needs to act, it requests access for that specific task, the access is granted for a bounded time, and it evaporates afterward. There is no durable credential to steal. What does remain standing is the ability to ask: the identity still has to authenticate to the broker, so that bootstrap (a workload identity, an attested platform credential, or a short-lived login) and the broker itself become the things to harden and monitor, and access obtained during an active task is still usable by whoever controls the identity for as long as the grant lasts.
How ZSP works
Three mechanisms make standing access disappear without blocking legitimate work:
- Just-in-time (JIT) access — permissions are requested and granted at the moment of need, not held in advance.
- Ephemeral credentials — short-lived, vaulted, and auto-expiring tokens rather than long-lived static secrets.
- Runtime policy enforcement — each request is evaluated against policy (who, what, why, context) before access is minted.
Implementing ZSP
Start with the highest-risk identities — privileged accounts and AI agents — and vault their credentials so no human or agent holds them directly. Front access with a broker that grants per-task, time-boxed credentials, and log every grant. For agents specifically, pair ZSP with per-tool-call authorization (so even an active task cannot exceed its scope) and a delegation model that downscopes permission at each hop.
When to use each.
ZSP is the right target when…
- You are securing privileged access (PAM) or machine/AI-agent identities.
- Standing tokens are your biggest blast-radius risk.
- You can broker just-in-time, time-boxed access without breaking workflows.
Least privilege is the pragmatic baseline when…
- You are establishing hygiene across a large human population.
- JIT brokering is not yet in place for a given system.
- You are reducing over-provisioning as a first step toward ZSP.
Common questions.
What is the difference between zero standing privileges and least privilege?
Least privilege minimizes the standing permissions an identity holds; zero standing privileges removes standing permissions entirely, granting access just-in-time per task and revoking it after. ZSP is effectively least privilege taken to its limit, so there is no durable access to compromise.
Is ZSP the same as just-in-time (JIT) access?
JIT access is the main mechanism that delivers ZSP — access granted at the moment of need — but ZSP is the broader outcome: no usable standing access plus ephemeral credentials and runtime policy. You implement ZSP using JIT access, credential vaulting, and per-request authorization.
Does ZSP apply to humans or only machines?
Both, but it pays off fastest for privileged human accounts and for machine / AI-agent identities, where standing credentials are high-value and often unattended. Many programs apply least privilege broadly and ZSP to the highest-risk identities first.
The whole picture, in one place.
This explainer is part of our complete guide to IAM — authentication, authorization, governance, privileged access, the standards, and how to run a program.