As AI agents and workloads increasingly act autonomously on behalf of users and organizations, ensuring their secure authentication is critical to prevent unauthorized access. This session will describe the need for robust authentication mechanisms tailored for ephemeral workloads and agentic AI lifecycles, the need to eradicate long-lived secrets and API keys for authentication and authorization, and introduce the recently adopted IETF specification based on OAuth 2.0 client authentication using SPIFFE credentials that eliminates the need for OAuth client secrets.