Enterprise SaaS · sub-niche
Agent permissioning for SaaS.
OAuth + scope management when the user is an agent, not a human.
One-quarter buildHot — multiple deals per month
Why now
Every SaaS app is going to need agent OAuth. The platform layer is unbuilt.
What the signal looks like
Repos with OAuth provider libraries, MCP-aware scope managers, and audit-log frameworks.
Public examples
We name publicprojects + categories only — never founders we track inside the paid product. The buyer’s edge stays inside the product.
- Pomerium / Cerbos adjacency
- Stytch agent flows
- Open-source MCP auth libraries
What this displaces
An API key in a config file with all-access scope.
Our build-vs-invest call
New category. Real demand at AI-mature enterprises. The moat is the policy DSL + the integration footprint.
Common questions about this niche
- Buyer?
- Platform + security teams.
- Pricing?
- Per agent or per integration.
- Defensibility?
- Policy depth + integration ecosystem.
More inside Enterprise SaaS
- Workflow automation for revops — Lead routing, account scoring, opportunity hygiene — AI-native revops automation.
- B2B pricing experimentation — Test price + packaging changes at the customer or segment level, with attribution.
- Internal LLM copilots by role — Role-specific copilots (sales, support, ops) that know company data and respect access controls.
- Vendor spend intelligence — AI that catches SaaS overspend, duplicate vendors, unused seats, and renewal traps.