Knowledge Base / Platform Configuration / Runtime Identity
Concept 9 of 10

Runtime Identity

The secure badge that lets your assets make trusted machine-to-machine requests.

What Is a Runtime Identity?

When a Connector or Automation needs to talk to another system or call a platform API automatically, the platform needs a secure way to know:

  • What is making the request?
  • Who does it belong to?
  • What is it allowed to do?
  • Whether the request can be trusted?

That secure machine identity is the Runtime Identity. It is the credentialed technical identity bound to an Asset for secure machine-to-machine communication.

Why Does This Matter?

A Tenant owns the environment, but the Tenant itself doesn't usually make individual API calls. At runtime, a specific Connector or Automation performs the work. That means the runtime identity should be attached to the working Asset.

This enables:

  • Stronger security — Each Asset has its own identity
  • Per-asset permissions — Different Assets can have different access levels
  • Per-asset audit trails — You know exactly which Asset made each request
  • Safer revocation — Revoke one Asset's access without affecting others
  • Rate limits by Asset — Control usage at the component level
  • Environment-specific access control — Different credentials for dev, staging, production

What a Runtime Identity May Include

  • API key identifier
  • Secret or signing material
  • Scopes or permissions
  • Environment binding (dev, staging, production)
  • Expiry rules
  • Activity status and usage history
  • Linked Asset type and ID

Why This Matters for Non-Technical Users Too

Even if you never write code, Runtime Identity still matters. It protects the service you built. If a solo founder offers an automated service to customers, that service still needs secure credentials in the background. The founder may not think in security jargon, but the platform ensures safe identity for runtime operations.

Real-World Example

The IT team creates an Automation that syncs resolved incident data to the asset management system. That Automation needs credentials so it can securely call the CMDB API. Those credentials, bound to that specific Automation, form the Runtime Identity.

If the IT team later adds a second Automation for provisioning workflows, that one gets its own separate Runtime Identity — keeping security granular and auditable.

What Runtime Identity Is Not

Runtime Identity is not a human login (that's a user account). It is not the same as the Tenant (that's the organization). It is not just a random password. It is the machine-level identity used by an Asset during runtime to make secure, authenticated requests.

Helpful Metaphor

If the Tenant is the company and the Asset is the worker, the Runtime Identity is the worker's secure badge — used to enter the right doors and perform approved tasks. Each worker has their own badge with their own access level.

Short Definition

Runtime Identity: The credentialed technical identity bound to an asset for secure machine-to-machine communication.

Previous Connection Next Agentic Capability
Book 10-min Demo: Run Your First Skill
© 2026 SeekBytes. All Rights Reserved. | Privacy v1.1.80