Analyst
KuppingerCole: IAM 2026 and the Rise of AIdentity
Key Finding
AI moving from a feature inside IAM tools to a structural part of the identity fabric is an architecture shift, not a product upgrade. The fabric, not the platform, is the unit of design.
On 3 February 2026, KuppingerCole published its Research Compass for Identity and Access Management 2026 (AN82012, by Matthias Reinwarth). Two threads in it are worth pulling together. First, it continues to advance the Identity Fabric model as the organising architecture for enterprise identity: a deliberately composed plane of services rather than a single monolithic suite. Second, it positions AI as increasingly integral to IAM itself, describing a move toward autonomous, AI-driven identity systems framed around the idea of "AIdentity", specifically as a way to manage the high volume of machine identities that human-paced governance cannot keep up with.
The combination is the interesting part. The Identity Fabric framing has always made the architecture the unit of work: the design decision is how directory, federation, MFA, IGA, PAM, customer identity, machine identity, and threat detection compose into one control plane, with the signals and policy authority between them as explicit design surfaces. Folding AI into that fabric, as KuppingerCole now does, raises the stakes on those design surfaces rather than simplifying them.
Our reading is that AI in identity is being asked to play two roles at once, and they need to be kept architecturally distinct. In one role AI is an operator on the fabric: triaging access requests, modelling machine-identity behaviour, spotting the anomalous service account at a scale humans cannot review. In the other role AI is a subject of the fabric: the agentic identities the fabric has to govern, the high-volume machine population that prompted the "AIdentity" framing in the first place. The same word covers the thing doing the governing and the thing being governed.
The identity-architecture implication is to design for both roles explicitly and never let them blur. AI that helps run the fabric needs guardrails on what it can change. AI that lives inside the fabric as an autonomous identity needs the scope, lifecycle, and revocation discipline of any other non-human identity, and more of it, given its autonomy. KuppingerCole naming AI integral to IAM in 2026 is confirmation that the fabric now has to be designed to govern intelligence, not just access. That is an architecture problem, and it is the one worth getting right before the machine-identity population doubles again.