Skip to main content
Sign in
Deutsch Español Español (México) Français Italiano 日本語 한국어 Nederlands Português Português do Brasil Svenska Türkçe 简体中文 繁體中文
Liliana Martinez
  • Updated

This article explains why an AI agent might be blocked even if it has the correct technical permissions. In Oasis Security, access is granted based on Intent. If an AI agent (like a coding bot or a data agent) tries to perform an action that doesn't match its pre-approved "intent" (e.g., trying to delete a database when its intent was only to read), Oasis will block the session via a Just-In-Time (JIT) identity failure.

Key Troubleshooting Steps:

  1. Check the Oasis Scout logs for "Intent Deviation" alerts.

  2. Verify if the agent’s natural language prompt was correctly mapped to a structured policy.

  3. Confirm that the ephemeral (short-lived) token hasn't expired mid-task.

Comments

0 comments

Please sign in to leave a comment.

We are here to help. Get in touch!

If your specific case has not been resolved yet, send us a message or follow up if you already sent a request.

Send Request;https://z3n-zentech.zendesk.com/hc/requests/new,Check your request status;https://z3n-zentech.zendesk.com/hc/requests