How Are AI Agents Secure in JD Edwards?
JD Edwards AI agents are designed with a clear principle:
The agent is not trusted by default.
Instead of introducing a new access layer, the AI operates as a controlled execution layer within your existing JDE security model.
User-Bound Identity, Not Independent Access
AI agents do not operate as their own users or with elevated privileges.
Every action is performed on behalf of an authenticated JD Edwards user, ensuring:
- Actions align to known identities
- Permissions are enforced at the user level
- No expansion of authority beyond what is already defined
No Stored Credentials or Persistent Access
User credentials are never stored or exposed.
Access is managed through secure, session-based authentication using short-lived tokens, ensuring that:
- Access is temporary and controlled
- There is no persistent credential risk
- Sessions are tied directly to authenticated users
Constrained Execution Paths
AI agents cannot take arbitrary actions.
Every request must map to:
- Approved JD Edwards functions
- Defined orchestrations
If an action does not meet these constraints, it is denied.
This ensures AI operates within strict, predefined boundaries.
Data Stays Within Defined Boundaries
JD Edwards remains the system of record, with controlled and limited data movement.
Each customer operates within a dedicated OCI environment with strict isolation boundaries, ensuring:
- Data is never shared across tenants
- Customer data is not used to train public models
- Data remains fully contained within its environment
Full Auditability and Traceability
Every interaction is tracked.
From the initial request to the final action, the system ensures:
- Complete visibility into what occurred
- Traceability of actions back to the user
- Support for governance, compliance, and auditing
A Controlled AI Model
The role of the AI agent is clear:
It helps execute permitted work. It does not expand authority or bypass controls.
This ensures AI enhances productivity while remaining fully aligned with existing ERP governance and security frameworks.
How the Agent Works in Defined Security Framework
Every AI agent interaction follows a defined, secure path, ensuring actions are validated, permitted, and fully traceable. Rather than operating independently, the agent acts on behalf of an authenticated user and executes only through approved functions and orchestrations. This controlled framework helps ensure AI remains aligned with existing JD Edwards security controls from request through execution.
What This Means for Your Team
Your team can adopt AI agents without introducing a new layer of uncertainty because actions remain governed, visible, and aligned with your existing JD Edwards environment.
Operate AI Without Introducing New Risk
AI agents can take action inside JD Edwards, but within a model your team already understands and controls.
No New Access Model to Manage
AI operates within your existing users, roles, and permissions, so your team doesn’t need to redefine how access is governed.
No Loss of Visibility Into System Activity
Every action remains tied to a user and can be traced, so your team can maintain oversight of what is happening in the system.
No Uncertainty Around Data Handling
Data stays within controlled boundaries, so your team knows where data resides and how it is used.
