Earnings Call
SailPoint, Inc. (SAIL)
Earnings Call Transcript - SAIL Q1 FY2027
Operator
Good day and thank you for standing by. Welcome to the SailPoint's first quarter 2027 Earnings Conference Call. At this time, all participants are in a listen-only mode. After the speaker's presentation, there will be a question and answer session. To ask a question during the session, you will need to press star 11 on your telephone. You will then hear an automated message advising that your hand is raised. To withdraw your question, please press star 11 again. Please be advised that today's conference is being recorded. I would now like to hand the conference over to your speaker today, Scott Smith, SVP of Investor Relations. Please go ahead.
Scott Schmitz, Head of Investor Relations
Good morning, and thank you for joining us today to discuss SailPoint's fiscal first quarter 2027 financial results. Joining me today are SailPoint's founder and CEO, Mark McClain, and our chief financial officer, Brian Carolyn. For the Q&A portion of today's call, we will also be joined by our president, Matt Mills. Please note that today's call will include forward-looking statements, and because these statements are based on the company's current intent, expectations, and projections, they are not guarantees of future performance, and a variety of factors could cause actual results to differ materially. This call will also include references to non-GAAP results, which exclude certain items that do not reflect our underlying business performance. Please reference this morning's press release and our supplemental earnings presentation posted on investors.salepoint.com for further information regarding our forward-looking statements and non-GAAP financial measures, including reconciliations to the nearest comparable GAAP financial measures. additionally please note that the development release and timing of any features or functionality described for our products that are not currently available remain at our sole discretion on a when and if available basis and may not be delivered at all or should not be relied in making purchasing or investing decisions and with that i'd like to turn the call over to mark thank you scott good
Mark McClain, CEO
morning, everyone, and thank you for joining us. We're off to a strong start in fiscal 2027, delivering another quarter of robust top and bottom line growth. We believe our results demonstrate that in the new era of agentic AI, identity security is the most critical layer of the enterprise security stack, and that SailPoint is the indispensable platform. This momentum validates our strategy and our leadership position. We've been building for this moment long before the market recognized it. We are setting the standard with an intelligent end-to-end identity security platform designed to tackle today's hardest challenges, including non-human identities and real-time governance. Traction across our new products combined with our core platform is evidence our unified approach is what the modern enterprise demands. Brian will provide more details on the numbers shortly. Our performance also underscores a fundamental truth about the modern enterprise. Identity security is no longer just a compliance checkbox. We believe it is a mission-critical mandate that has quickly become the central pillar of any credible AI strategy. AI and autonomous agents are becoming an invisible workforce, optimizing supply chains, closing financial books, and engaging customers. They are driving incredible productivity, but they are also creating an identity challenge of massive proportions. Today, non-human identities and AI agents vastly outnumber human identities. For every human identity an enterprise meticulously governs, there can be 100 non-human identities or even more. We are beginning to see this shift clearly on our own platform. In Q1, non-human identities accounted for 40% of our identity growth and now represent 14% of all identities we manage in our cloud offering. This rapid growth has created a critical new risk profile. These autonomous agents can make independent decisions, execute code, and access highly sensitive data at machine speeds. Because they are often spun up outside of traditional IT purview, they can operate with excessive, unmanaged privileges. Consequently, the blast radius of a compromised agent can be extensive. It is no surprise that unmanaged APIs are a key attack vector. Legacy security models and siloed bot management tools are largely blind to this autonomous workforce. They were built for humans typing on keyboards, not for machine-to-machine decision-making. The central question for every enterprise leader is no longer if they will use AI, but how will they control it? You cannot control what you cannot govern. To address this new identity crisis, enterprises cannot rely on the tools of the past. That's why last month, we introduced a true game-changer, the SailPoint Agentec Fabric. It's a paradigm shift and will be delivered directly through our core platform. We've designed it to provide the visibility and governance the Agentec Enterprise demands. This reflects our shift from static to real-time governance. We're also delivering a dynamic, universal privilege for right-sized access and uniting identity with the Security Operations Center, or SOC, for immediate threat management. Today's enterprises cannot manage AI agents in a vacuum. To properly govern non-human identities, they must be tethered to a human owner. Our agentic fabric is designed to not only discover AI agents, but also place them into the exact context of your human workforce. Every AI agent will be assigned to an accountable human owner, and that agent will not be able to alter its own ownership. Identity without human accountability is merely visibility. By ensuring that the principle of least privilege is applied to agents just as rigorously as it is to human employees, SailPoint is setting a new standard. Furthermore, because a compromised agent operates at machine speed, manual intervention is obsolete. Defense must be proactive and instant. We expect that agentic fabric will transform identity security from a static check into a real-time control plane, offering behavioral monitoring, prompt security, and real-time authorization. Ultimately, we believe it will deliver on the core outcomes of our adaptive identity strategy, achieving zero trust by ensuring no identity is trusted by default and verifying everything in real-time. Agentic Fabric also represents a large, incremental go-to-market opportunity for us. It was designed to work everywhere to secure a customer's entire agentic footprint, whether they are a cloud customer, an on-premise identity IQ customer, or even if they use a different platform for basic access management. Sitting above all the complexity across different clouds and infrastructure, it is designed to provide a single, unified layer of governance. We believe this, quote, work anywhere, quote, architecture will be a powerful engine for growth and will cement SailPoint as the identity control plane for the modern enterprise. And we are already capitalizing on this market shift. Driven by accelerating demand across our AI and machine identity portfolio, our agentic pipeline doubled in Q1. Let me expand further on our differentiation and approach. As an identity security leader for more than 20 years, we believe we have an unparalleled understanding of what it takes to provide comprehensive identity solutions. We have architected a foundational end-to-end identity security platform to govern all identities. SailPoint Identity Security Cloud anchors our protection of human identities, while our new agentic fabric extends that same rigor to agentic governance. Together, they are designed to create a unified approach to managing every identity across an enterprise. For many of our competitors, identity is a new business unit. For us at SailPoint, identity is our identity. That is why we are winning. At our core, our differentiation is defined by uncompromising breadth and unyielding depth. Breadth means we secure every identity from full-time employees and contractors to RPA bots, cloud resources, and the new wave of autonomous AI agents. A core strength of our platform is the ability to extend this governance across the enterprise, securing not just modern cloud applications, but the highly complex, disconnected, and custom legacy systems that most other vendors simply cannot reach. But breadth without depth only provides visibility, not security. Our key advantage is our depth, the ability to apply deep, contextual governance to every identity. In our experience, most identity security tools stop at discovery. But discovery without ownership is just a list. It's visibility without accountability. SailPoint provides that critical link, mapping every non-human identity to a human owner. We believe this profound depth of context makes us an indispensable identity platform for the enterprise. And this comprehensive value proposition is resonating in the market. In Q1, we saw a greater than 50% ARR increase in customers that adopted our advanced non-human identity capabilities. This is a clear signal of customer demand. They are not just buying features, they are buying control over their AI strategy. Let me give you two examples from this past quarter. First, a highlight of the quarter was a significant competitive displacement at a major North American retailer. Following a disruptive cyber breach that cost the business tens of millions of dollars and amidst complex ERP integrations, the company realized a siloed approach to identity was a critical vulnerability, especially given their lack of visibility into machine and agent identities. Partnering with Deloitte, we proved our value, resulting in a five-year commitment to centralized management of both their human and non-human identities on the SailPoint platform. The second example is a platform modernization at a large insurance company. Executing a cloud-first mandate to shut down their data centers and reduce tech debt, They leveraged our modernization FLEX program to migrate to our identity security cloud. This added high-value security automation and an immediate ROI. This modernization also fundamentally strengthens their risk posture, which is increasingly essential to meet today's strict compliance and regulatory drivers. We expect our competitive advantage to only amplify as these regulatory pressures intensify. Recent AI risk frameworks from the Treasury and NIST, combined with the legal mandates of the EU AI Act, mark a critical turning point. They are forcing a shift away from theoretical discussions and toward a mandate for strict, auditable controls over non-human identities and their relationship to a human owner. The market is validating our leadership, and the ecosystem is increasingly choosing SailPoint as a definitive governance platform. We recently announced an integration that brings Anthropic's Claude Enterprise directly into SailPoint's governance framework. By managing both human users and Claude AI agents under one control plane, we are working to eliminate the blind spot of shadow AI. Beyond Anthropic, Tailpoint Agentec Fabric is architected to integrate natively with all three major hyperscalers. With AWS, it is designed to govern both Amazon Bedrock and AWS IAM roles directly. As we bring this to market, it will leverage Sailpoint's extensive library of out-of-the-box connectors to govern agents across any environment, from the latest cloud services to complex legacy applications. This reach allows us to automatically discover agent privileges within major SaaS platforms like Salesforce, while strictly dictating the data sets agents can query in platforms like Snowflake. Finally, to ensure immediate defense, our CrowdStrike integration is built to close the loop, triggering automated access remediation during live security events. We are building this new era of agentic security directly upon the strong foundation of our core platform, the same proven foundation that already unifies identity, security, and data intelligence for many of the world's largest organizations. By delivering a single, consistent identity security framework that spans human employees, cloud resources, and autonomous AI agents, SailPoint empowers the enterprise to harness the power of AI with absolute confidence. Our customers don't just secure AI, they secure their future. I look forward to unpacking more of this vision, along with our financial framework, at our Investor Day next week. But with that, I'll turn the call over to Brian to discuss our financial results and outlook in more detail.
Brian Carolan, CFO
Thank you, Mark. Good morning, everyone, and thank you for joining us today. We are very pleased with our strong start to the year, delivering a first quarter with ARR, revenue, and adjusted operating margin above the high end of guidance. We ended fiscal Q1-27 with ARR of $1.163 billion, an increase of 26% year-over-year, with SAS ARR of $781 million, growing 36% year-over-year. Net new SAS ARR was $35 million, up 5% as reported, and over 30% on a constant currency basis. Overall, our first quarter results highlight the durability and consistency of our business model. We saw continued strength across our core growth drivers, key metrics, and margin profile. Let me provide a few examples. First, we continue to see balanced growth. Our top line is fueled by a healthy mix of new logos and strong expansion from our existing customers as they increasingly standardize on our platform. Second, deal sizes are expanding. We see customers making larger commitments, driving our average ARR per customer up 18% year-over-year to over $350,000. Third, our enterprise momentum remains strong. We ended Q1 with 225 customers, generating over $1 million in ARR, representing a 32% increase year-over-year. And finally, we drove strong operating leverage, leading to approximately 330 basis points of adjusted operating margin expansion year-over-year. Platform modernizations also remain a key catalyst. ARR from migration activity more than doubled year over year as enterprises continue to modernize with our identity security cloud platform. This contributed to an increase in our SaaS mix, which accounted for 92% of net new ARR in the quarter compared to 69% in Q1 of last year. A large part of what's fueling this migration success is the growing adoption of our Navigator's flex pricing model. In Q1, approximately one-third of our migrations leveraged our modernization flex offering. This flexible structure is also proving highly effective in accelerating the attach rate of our new offerings. As a result, the ARR contribution from our emerging products more than doubled year over year, representing 20% of the net new ARR in Q1. This growth is being driven by strong demand for our non-human identity solutions, our non-employee risk management offering, and recent product introductions. We expect the launch of our new Agentex suites will continue to drive a growing mix of AI-related revenue. We look forward to sharing more details on our expectations at our Investor Day next week. Looking at our overall financial performance for the fiscal first quarter, we delivered revenue of $280 million, an increase of 22% year-over-year, With SaaS revenue growing 35%, dollar-based net revenue retention remained robust at 113%. Our adjusted operating margin in Q1 was 13.5%. We also continue to generate strong cash flow with $38 million of cash from operating activities and $33 million of free cash flow, which represents an 11.6% free cash flow margin. We ended the quarter with $391 million of cash and cash equivalents. Turning now to guidance. For simplicity, I will refer to the midpoint of our guidance ranges where applicable. Full details can be found in this morning's press release and supplemental earnings deck, where you can also find additional modeling notes. For the fiscal second quarter of 2027, we expect ARR to be $1.22 billion, up 24% year-over-year. We expect revenue to be $310 million, an increase of 17% year-over-year, with adjusted operating margin of 18.4%. We expect our diluted share count to be approximately 571 million shares and adjusted EPS to be $0.07 to $0.08. For fiscal year 2027, we are flowing through the Q1 upside in ARR, revenue, and adjusted operating margin to our full-year guidance. For ARR, this translates to an increase of $8 million to $1.369 billion, up 22% year-over-year. For revenue, we are raising our revenue guidance by $5 million to approximately $1.27 billion, an increase of 19% year-over-year. And we are raising our adjusted operating margin guidance by 50 basis points to 19%. We expect our diluted share count to be approximately 580 million shares and adjusted EPS to be $0.32. We expect to generate approximately $200 million of free cash flow in fiscal year 2027. Consistent with last quarter, our fiscal Q2 and full-year 2027 guidance assumes 90% to 95% of net new ARR will come from SaaS as customers leverage the continuous innovation we are building into our cloud platform. As a reminder, as our SaaS mix increases, it may cause short-term fluctuations in our P&L. We firmly believe this shift towards SaaS is a long-term value driver for the business. In summary, we believe our strong results, consistent growth at scale, and innovative product roadmap position us extremely well for continued success in the AI-powered future. We remain committed to driving durable, profitable growth, and we are optimistic about our ability to deliver long-term value to our shareholders. We look forward to updating you further at our Investor Day next week. With that, let's invite Matt Mills, our president, to join us and open the call for questions. Operator?
Operator
Certainly. As a reminder, to ask a question, please press star 11 on your telephone and wait for your name to be announced. To withdraw your question, please press star 11 again. In the interest of time, please limit yourselves to one question. Our first question will be coming from the line of Rob Owens of Piper Sandler. Your line's open, Rob.
Rob Owens, Analyst — Piper Sandler
Good morning, everyone, and I appreciate you taking my question. Mark, I wanted to drill down a little bit into your prepared remarks this morning and all the momentum we're seeing in Agentec. And, you know, it hasn't shown up in a lot of vendors' results at this point. So first part of the question, one question, but obviously two parts, What are end customers doing right now? And to the extent that you're seeing all this momentum around your agentic pipeline, I think you mentioned that it doubled in the first quarter and the new agentic fabric capability out. How should we think about how that plays out within this year? Because, as Brian mentioned, you just flowed through the upside here. So when does this begin to impact results? Thank you very much.
Mark McClain, CEO
Sure. And thanks, Rob. Good to talk to you. Yeah, look, I think in general, I'll flip the deeper answer to Matt in a second because he's much closer to what we're seeing out in the field and engagements. But I think in general, you know, we punched up the messaging around AI at our Navigate conference. We obviously launched the agentic fabric just last month. And we've been seeing a nice, steady pipeline build that I would say has increased pretty notably, as we said in our prepared remarks. So it's not surprising to us that we haven't seen that show up heavily in results yet. but we do see a fairly significant momentum building. And so that's sort of why we guided where we did, landed where we did, and are comfortable that we see additional benefit coming as customers are beginning to wrestle with it. Let me flip that part of your question, Rob, to Matt about what customers seem to be engaging with us on, the kind of questions they're asking, the issues they're wrestling with.
Matt Mills, Other
Yeah, thanks, Mark. Hi, Rob. Look, a couple things I'll just share with you. If you look at our customer base, about 10% of our customers now have adopted AI. So we're kind of chipping away at that. If you look at our most recent quarter, about 40% of our new identities were non-human, right? So, again, we're kind of making progress to that. And if you look at our total identities under management now, it's about 14% are non-human. So we're starting to make a lot of traction. I think our recent announcement here on May 11th really excited a lot of folks. And I'll share with you some of the things that the guys in our field are doing. We've created these workshops, and we're actually going in and meeting with customers and prospects, to be fair, mainly customers. But what's interesting is in these workshops, they're a couple of hours, and our field teams that bring a little bit of technical progress around AI sit down. And we actually get together the identity management folks, which is a no-brainer, but also we bring the AI team and the security team. And oftentimes, especially in some of these larger enterprises, we're actually doing an introduction for them, right? They haven't really met. And now we're really starting to get into solving some of these problems, bridging the AI and identity gap, forcing architecture clarity, uncovering really critical vulnerabilities. I mean, some of the stories that we get are repeated, right, from company to company, but they're also eye-opening. And, you know, look, we're actually starting to see, I don't want to say a dramatic acceleration of the sales cycle, but an acceleration. When companies start to understand this and understand some of the challenges, we're starting to get a lot of top-of-funnel attraction. As Mark said, our pipeline's doubling every quarter since inception. And, look, I think our perspective is that there's a ton of interest, and I think you're going to start to see it move. But the question ultimately is, you know, when.
Operator
And our next question will be coming from the line of Brian Essex of J.P. Morgan. Your line is open, Brian.
Brian Lee Essex, Analyst — J.P. Morgan
Hi, good morning. Thank you for taking the question and a nice strong start to the year. You know, maybe, Matt, for you, I just wanted to see if you could give us an update on the SaaS conversions, particularly, you know, if you reflect back on when, you know, when SailPoint was public before and we heard a lot about identity being a bottleneck for transformation initiatives. Are you seeing the same thing with regard to AI, and how does that impact the pace of conversions and the backlog that you might have on that side?
Matt Mills, Other
Yeah, thanks, Brian. Look, I think there's a couple of things that are top of mind for a lot of the customers you talk with from an AI perspective, And one of them is just the sheer unknown of agents and the numbers, the non-humans, I'll say. I think that continues to be, you know, how many do we need? I do think, you know, over the last couple of months, we've kind of passed this inflection point of, do I need it? I mean, are we going to use agents? I don't think we're getting that response from our customers or prospects anymore. I think everybody's kind of crossed over and said, this is here. We're going to have to deal with it. And I think to that end, that's helped a bit. But I do think that the cost issue and how am I going to deploy these is a big issue. And I think we try to solve some of that with our new pricing, right, to try to take away some of the inhibitions and blockers that may, you know, cause, you know, CFOs and, you know, operating executives a little bit of consternation.
Operator
Thank you. Our next question will be coming from the line of Metta Marshall of Morgan Stanley. Your line is open.
Meta Marshall, Analyst — Morgan Stanley
of just kind of the price discovery that's happening, you know, just as you guys are kind of having customers have more agents within the mix. You know, is this where Flex is going to be most helpful or just kind of how adaptive do you feel like pricing around agents is going to get?
Matt Mills, Other
Yeah. Hi, this is Matt. I'll jump in here and then, you know, Brian can jump in here and Mark. Look, we've released this new hybrid consumption pricing model. I was kind of referring to it here a few minutes ago, and it's all about flexibility and scalability. What we have found is, as I said, a big inhibitor in companies that's leaning into this agentic adoption is the unknown NHIs, non-humans, and the sheer cost of these agents. And so, I mean, really, here's the essence. We've started our new pricing around human identity licenses, right? And each one of these includes a baseline of non-human identities like agents or bots at no extra charge up to a certain ratio. So as your usage grows, you can add capacity packs for whatever you truly need, whether that's more non-human identities, additional API calls, expanded workflows, or longer data retention. So the cost of scale really is precisely with your actual use and gives you a predictable start and flexible growth. As it relates to our flex pricing, I think the ones that you'll continue to see a ton of is really around our flex modernization. I think that helps really solve some of the economics of these migrations or modernizations, as we like to call them, and it gets folks started, and really, it's really around this first year, right? So those are the kind of things that our modernization flex solves. and our digital flex, which really was prior to what we announced with SAF, right? The digital flex probably transitions into SAF. So you probably won't see as much of that.
Operator
Great. Thanks. And our next question will be coming from the line of Joseph Gallo. Of Jeffries, your line is open.
Meta Marshall, Analyst — Morgan Stanley
Hey, guys. Thanks for the question. Brian, it was great to see, you know, SAS ARR or NetNew ARR was up, you know, 5% reported, but 30% constant currency. Can you just remind us of the FX dynamics? You know, what was the, you know, constant currency total ARR growth in the quarter, and how you're thinking about that within the guide? Like, you know, what's the headwind to the full-year guide that you've kind of laid out?
Brian Carolan, CFO
Sure. Hi, Joe. Thanks for your question. Yeah, I think we're pleased with the results. I think it's playing out as we expected. We did see 26% ARR growth. You know, if you look at that on a comparison to even Q4, there was about a one point of an FX headwind in that number. So that was playing into it. But, and also we were coming off of net new ARR, a challenging comp from last fiscal Q1. But if you normalize that, you know, for currency, we're up mid-single digits overall, but more importantly for SaaS, where we saw 36% SaaS ARR growth, The net new ARR for SaaS was up 5%, but for constant currency was up over 30%. In fact, it was 36%. So, I mean, we're really leaning in towards the SaaS line of products for us. Our customer count grew 16% year over year. I mentioned 92% of our net new ARR was SaaS. We doubled our migration from SaaS ARR, more than doubled year over year. As Matt said, you know, the flex pricing models are also adding to that. So we're really pleased, and I think that in terms of the guide, it is what it is. In terms of our expectations, we're still modeling that 90% to 95%. Net new ARR will come from SAS, and we feel good about that.
Operator
Thank you. Our next question will be coming from the line of Saket Kalia of Barclays. Your line is open.
Saket Kalia, Analyst — Barclays
Okay, great. Thanks for taking my question here. So, Mark, maybe for you, you know, I thought the use of flex in migrations or modernizations was really interesting, particularly how it's pulling through more of your emerging product. So, maybe the question here is, what emerging products are getting pulled through the most in those types of modernizations? And, Brian, as part of that, how do you kind of think about that emerging ARR mix sort of trending this year or long-term, however you want to think about it?
Mark McClain, CEO
I guess I'll pick up the first part. Yeah, I think as we've done this announcement of the agentic framework, you know, what we're focused on there is making it easier to kind of consume anything and everything related to this agentic move that customers would want. That was kind of, as Matt said, what we initially tried to focus on with our digital flex pricing model. But increasingly, we're like, people just sort of want a consolidated answer for their agentic move, and that gives them one. And so some of the things that we were calling emerging products are, in fact, rolled into that for sure. We've pointed out in the past that the bulk of the emerging product growth, the scale of it was coming and the speed of it was coming from those digital flex-related products, what we were calling MIS and AIS, et cetera. And then I think as we look forward to the emerging products mix going forward, you know, we do see tremendous pull for this agentic framework. Now, that's the pipeline build we've been talking about. So I think Brian can give you a sense of how that emerging product, part of our overall ARR growth, will be looking as we go into the rest of the year.
Brian Carolan, CFO
Yeah, I think, you know, what we really look at is in terms of our NRR growth, it's really quite balanced. A strong component of that is migrations and emerging products. And we're still early stages when you look at the migration opportunity, right? We have about $350 million of on-prem ARR sitting there. And as we've talked about, we typically see a 2 to 3x multiplier upon time that we migrate them from on-prem SAS. And then also contributing to that is the emerging products. And we're still early days, especially with things like Agentic. We're seeing that on a relative basis, one of the fastest contributors. But, again, early stages and a lot of upsell opportunity and cross-sell opportunity to come.
Mark McClain, CEO
But to your point, I think about a third socket of those migrations this year did include some of those emerging products. So we're seeing that become a natural motion as people move from IAQ to the security cloud. They're coming along with some of these emerging products, typically, again, those related to Agente.
Operator
And our next question will be coming from the line of Keith Backman of BMO. Your line is open.
Keith Bachman, Analyst — BMO
Yes, thank you very much. I wanted to ask about the state of readiness on the AI side. What I mean by that is a part of what customers are looking for in the identity platform is real-time dynamics in that there's been some behavioral issues when AI agents are deployed. And so, you know, has that been an inhibitor in terms of the total platform as one example? You've announced that your governance capability for agents is now real-time. Do you think that helps unleash incremental interest? And the second part of the question is, are there other things that need to be addressed as we look out of the balance of FY27 that would help generate incremental interest in the AI platform? Or do you feel like you have what you need to generate sufficient demand? Because really what investors are kind of looking for, going to Rob Owen's question, is it doesn't seem to be showing up in the numbers.
Mark McClain, CEO
Yeah, I'll start with that, Keith, and I'm sure the other guys may jump in. Like we said, I think we are seeing customers much more active in dialogue and evaluations, which is why we're talking about pipeline build. I did think if you go back to our commentary late last year, even earlier this year, we were saying we were seeing this momentum building, but we didn't think it would start to necessarily affect the numbers in the first half, and we'll see how next quarter, this next coming up quarter shows up. But more likely, we see some of that momentum we think continue to build. So the strategic – excuse me, strategic – SailPoint, a genetic framework, SAF, that has generated, as Matt said, a kind of an inflection in activity in our field, like these workshops and these engagements we're having where bringing together the identity and security and AI team is kind of a new thing in many of these very big shops. And when you get them in the room together, they start to realize, again, all those sides of the elephant, that old metaphor. And so I think as we see that building, we see that what we announced in the agentic framework with some of that real-time capability being very critical. But I'd say the other move you'll continue to hear us focus on is how important it is to increasingly have a real-time view of the human environment. Because in our minds, what we're seeing from customers is the great majority of the agentic things they're doing are going to be very tied in to the human world. And so we believe that the big moat we are going to have is we understand that human governance world and the security posture of access privileges better than anybody across that human environment. And since most of the agentic work that's coming is tied to that, we think that's going to be a pretty significant driver for people seeing us as a critical part of this solution. because I think they're starting to realize you can't manage agents in some sort of isolation from the rest of the environment when those agents are generally acting on behalf of humans. You have to understand the human security posture to know how to apply that to the agents that are working on their behalf. So when you ask have we got all the pieces, we launched a lot of new tech in the context of the agentic framework. We've got an analyst day coming up, and you can continue to assume that we will be bringing more things out that round out that strong agentic story in the context of the human. That's a theme you're going to hear from SailPoint very strong this year, and I think it's going to be challenging for others who don't have our legacy, quote-unquote, historical, let me not say legacy, historical context of the human environment in terms of how well they can manage agents. That's probably the main things I'd say on that. Does that help, I hope?
Operator
And our next question will be coming from the line of Peter Levine of Evercore. Peter, your line is open.
Brian Carolan, CFO
Thank you, Jim. I'm going to take my question. Maybe just to follow up with some of the prior questions, you know, you call out 14% of the agents are now non-human, 40% gross in non-human identities year over year. Is there a way for you to quantify what that equates to in, you know, ARR or ACV? And then second, you know, are you seeing customers willing to pay separately for discovery versus governance versus real-time enforcement? And then maybe just kind of pinpoint a little bit more on what your customers are willing to pay for in terms of non-human identity, you know, monetization. So just as a data point, 20% of our net new ARR came from our emerging products, of which a significant portion was AI generated. And, again, this is still early days for us. I mean, we're just on the launch of our SailPoint Ingentic fabric. We've got new pricing models coming out. So we're really excited about, you know, the potential. And we're also seeing, as we mentioned, the pipeline doubling for AI quarter over quarter. So I think that we're really well positioned heading into the rest of the year. We expect it to show up towards the latter half of the year. We're building very minimal into our guidance for the time being. So we would expect this to be hopefully a net positive.
Operator
And our next question will be coming from the line of Gray Powell of BTIG.
Meta Marshall, Analyst — Morgan Stanley
LLC, your line is open. Okay, great. Thanks for taking the question. Yeah, I guess maybe a follow-up on some of the AI security offerings. I'd really be interested, like, how often is the buyer of your core identity product the same persona that you're selling agent identity security into? Like, is this a CISO motion? Is it a completely separate AI buying center? And then when you get into these discussions in more detail, who do you find yourself most frequently competing against for agent identity security?
Matt Mills, Other
Yeah, hey, Greg, this is Matt. A couple things. Look, yeah, the personas are changing. I think we've shared this in the past. We've kind of created an overlay sales group that's, think of them as hybrids, right? They bring a much greater depth of knowledge, much like an SE, but they do it in a way maybe you'd want from a sales rep, right? And if you look at these guys, they really get out of the traditional silo of selling up through the identity group into the CISO and the CIO. There's two other groups that we find that are pretty common now in these companies. One is AI, and the other is the security groups. And the three of them together kind of, you know, drive this. Now, what's interesting is if you were to just go up the traditional silo up through identity management, you're going to be missing out on a lot of opportunities. It appears that in a lot of these companies now, the budget in and of itself is actually on the AI side of the house. So we've made a huge effort to work our way up there. These workshops that I referred to earlier, they all kind of start with that AI team, and through that we pull in the traditional identity management and then the security teams. Because I do believe it takes all three of them, ultimately, to be able to get through this. You know, I think the contracts still get signed and come up through your traditional CIO rank and file, but a lot of the budget money and a lot of the process will go through the AI team. So that's becoming a pretty common place. As it relates to the competitive landscape, look, I know there's a lot of conversation around Palo Alto and CyberArk, Okta. To be fair, we still don't see them every day. You know, we'll run into them on occasion, especially in the areas that we get into. I think probably more of the common, you know, conversations around, you know, some of the emerging players in, you know, the agentic space. And I think the thing that's really interesting is everybody wants to know what they don't know. So discovery is a big thing, and then the ability to actually see what you discover. And that's what a lot of these smaller emerging companies do, and they're pretty good at that. The problem is once they discover the problem and they tell you about the problem, they don't have any wherewithal to be able to help you solve the problem, and that's kind of where we come in. We'll discover it. We'll give you visibility to it. And then we'll give you the ability to take action on it, govern it, remediate it if you need be, right? And so, yeah, we see those folks often, but we don't really lose too much when we start talking about all of the whole package relative to being able to discover and then actually do something about the problem.
Operator
And our next question will be coming from Shaul Yau. of td cohen your line is open shaw thank you um good morning guys um so it it appears as if the
Meta Marshall, Analyst — Morgan Stanley
focus today seems to be driving more adoption uh but but over the next few years what is the monetization framework uh should we expect revenue growth to be driven primarily by increasing numbers of uh non-human identities or broader platform adoption or just you know a shift towards more consumption-based pricing or maybe all the above just trying to frame it thank you yeah no look i
Matt Mills, Other
i i think we would tell you that you're going to see the vast majority of of growth coming around the non-human um and then i i think if you look at our pricing we've identified what we call performance metrics and there's about a half dozen of them that really have to do with what you're doing with these non-humans. So, like, API calls, you know, how many workflows you're using, storage, how long, you know, if you're using our graph, not only the amount of data you're putting in there, but how long are you keeping it for. I think we call aggregations where it really talks about the complexity of your environment. All of those things will be part of the consumption-based pricing going forward.
Operator
And our next question will be coming from the line of Todd Willer of Stevens. Your line is open.
Rob Owens, Analyst — Piper Sandler
Yeah, thanks for taking the question. Just, Brian, maybe a question for you. Could you talk about the outlook for the term piece of the business for the rest of the year, and if there's anything we should be thinking about on that front?
Brian Carolan, CFO
Yeah, I think we're still seeing this play out as expected with respect to the ongoing acceleration of SaaS over term. We would expect 90 to 95 percent of the net new ARR to be driven by SaaS. And, again, that's a reflection of all the innovation that's going into the SaaS platform and the strong migrations that we're seeing showing up in the pipeline. So I would continue to model it that way. Again, as a reminder, as we go through that transition, it does present a little bit of a headwind to revenue growth and also operating margins that we called out last quarter.
Matt Mills, Other
Thanks.
Operator
And our next question will be coming from the line of Joshua Tilton of Wolf Research. Your line is open, Joshua.
Meta Marshall, Analyst — Morgan Stanley
Hey, guys. Thanks for sneaking me in. Maybe just a follow-up to the last question. Is there any way you could help us understand what SAS net new ARR is growing when you back out the benefit from this conversion story and just maybe remind us what you guys are expecting as a contribution to SAS ARR growth from conversions this year? Thank you.
Brian Carolan, CFO
So, we can talk about this in total ARR growth. So we typically say out of the net revenue retention of 113%, we're like low single digits when it comes to the impact of migration activity, and that's been fairly consistent. It's one of the bigger contributors to the net revenue retention. And then with respect to your second question on the growth of migrations for the year and the contributor, we're modeling internally about 10% of our on-prem base would migrate towards SaaS. It could go up from here in terms of the ongoing opportunity that AI represents for us, but for now, we would expect it to be about 10%. And that's on top of the 15% we've migrated life to date.
Mark McClain, CEO
Are you guys tracking ahead of that 10% today? Like, how should we think about that?
Brian Carolan, CFO
Pretty much right in line with that through Q1.
Meta Marshall, Analyst — Morgan Stanley
Super helpful, guys.
Brian Carolan, CFO
Thank you.
Operator
And our next question will be coming from the line of Matt Matt of RBC Capital Markets. Your line is open.
Meta Marshall, Analyst — Morgan Stanley
Hey there, guys. Thanks for taking my question. You know, I guess for Mark or Matt, I mean, you talked about a strong demand environment. AI is driving a lot of interest in SailPoint. You know, I guess I'm wondering, you know, a lot of the other cyber calls that we're having, you know, their focus is on VITOS and a lot of, you know, I guess, concerned questions about what that means for cyber spending. I guess I'm, you know, you didn't bring it up in your script, so I imagine it's probably not much of an impact in your sales. But I'm curious, you know, But is there an element of that slowing down, you know, customer buying decision because they're just so concerned about the threat of Mithos?
Mark McClain, CEO
Hey, Matt, this is Mark. I'll take that one. I was wondering if this might come up in some fashion. I had a really interesting conversation with one of the lead players and one of our key partners yesterday. I think what we may see is an interesting kind of two-part story there, right? What the initial release of Mythos and the other products from OpenAI that are similar with the security, you know, tools that can find vulnerabilities has shifted a lot of focus to patch, right? We've got to close all these gaps and close all these exposures in our code. But I think we're going to see very shortly behind that how those same kind of tools are going to get used to try to work identity-based compromise, not patch discovery. How can a tool like a mythos be used by a bad actor to compromise identity and find their way into systems using some sort of credential compromise? Let me just call it that, Matt. And I think when we see that, and I think we will see that, I think it's going to draw even more attention to how much risk is associated with identity, not just bad code. There's clearly risk with bad code. We're seeing some of those stories come out where, you know, the AI tools are discovering, you know, not great code that needs to be fixed or the bad actors can exploit it. We know that bad actors without AI have already gotten pretty good at exploiting identity of vulnerabilities. When you point these tools at those issues, I think we're going to see an escalation of that. So I think the short answer, Matt, is we're not seeing it yet in our pipeline, I would say, directly. I think we'll see some identity compromises from these tools, and that I think will put more spotlight on that. In the short run, there is, I think, an increase in security budget focus, and it is, I think, largely focused on these vulnerabilities and patches. But I think right behind that, you're going to see how those same tools are used to exploit identity vulnerabilities, and that's, I think, going to continue to put some tailwinds into our story.
Meta Marshall, Analyst — Morgan Stanley
Super helpful, guys. Thanks.
Operator
And our next question will be coming from the line of Richard Poland of Wells Fargo. Your line is open, Richard.
Richard Poland, Analyst — Wells Fargo
Hey, guys. Thanks for taking my question here. I think we talked a lot about, I guess, the direct monetization opportunity around AI as well as some of the migration stuff. Is there any, I guess, conversations you're having with customers now that they're kind of like, hey, you know, we really do need to modernize our overall identity stack. Maybe they didn't have IGA prior, and now they need it. Anything like that that you're kind of seeing as, like, some of the initial lift as these budgets open, just to kind of follow up on Matt's question?
Mark McClain, CEO
I'll jump in, and probably Matt will add to this one, Richard. I think what we find is part of the reason when we launched the agentic fabric that we allowed that to be sold independently, not only into our IAQ base, but even to some of our competitive legacy players, like at the IBMs and the Oracles of the world, is, in a great world, in our minds, customers would get all their human identity all shored up and fixed, and then they would move forward to Agentec. There is so much concern about the Agentec world. We wanted to say, if you want to get an initial foothold going there, we'll help you do that with the Agentec framework. But again, we're going to stand by our point of view that your ability to manage Agentec really well will be hampered unless you also have great controls over the human side. So what we may find is people leading from either competitive products or even our own IQ products into the agentic fabric first. But in most cases, we would like to see people get down the path with a very strong, robust human management that then extends into these agents, which, again, in our minds are primarily tied to humans and their activity this year and into the future. So that's the path we'd like to see them take. That's the path we think is most beneficial. But because of this market pull for this concern around Agentec, we needed to make sure that offering was available to anybody, no matter what their legacy IGA position.
Matt Mills, Other
Yeah, and, Richard, I would just add, look, I think you're spot on. Most customers and prospects we talk to, you know, they have this mindset that they've got to solve Agentec, and they have agent problems, and then they go directly to, but, look, I've got other problems, right? And when you look at our surveys, there's a ton of customers, most of them, right, 60% are in the early stages of their IGA deployment, if you can believe that. And so when you look at what we have built in our next generation, our agentic business and agentic business plus, we're extending our single enterprise platform to govern every human and every non-human identity under one consistent policy framework, eliminates all these identity silos. Organizations can apply uniform compliance, auditing, and risk management across their entire workforce. So you're getting a hybrid solution that handles your traditional governance, right, and gives you a pathway to be able to move into the agentic world. So that's certainly top of mind for us.
Mark McClain, CEO
Yeah, we think folks are going to adopt, as Matt said, one of these new kind of startup agentic tools and try to, say, marry that with an old IBM deployment. They're going to run into all kinds of issues very quickly and try to get a single comprehensive view of their identity risk across that landscape. So we'll see some of that activity, I think, still in the market where people are, you know, buzzing about agentic and they need to go grab some tool. And there's some, you know, sexy tools, quote, unquote, coming out of the startup Silicon Valley world. But I think it's going to become very apparent very quickly. You can't manage that in isolation. And if you don't have a strong human identity framework to tie it to, you're going to have issues. So we're watching some of that unfold. And we'll keep folks in mind who have made that earlier choice of a startup tool and see how that's going in the six-month period.
Richard Poland, Analyst — Wells Fargo
Really helpful. Thank you both.
Operator
And our next question will be coming from the line of Jonathan Ruckhaber of Cancer Fitzgerald. Your line is open, Jonathan.
Meta Marshall, Analyst — Morgan Stanley
Yeah, thank you, and good morning. I'd just like to dig a bit more into digital identity flex, and just what are you learning about customer adoption patterns? Are customers consuming more machine identity capacity or agent identity capacity today, or is it a mix?
Matt Mills, Other
Yeah, look, I do believe there's this, in virtually every customer and prospect we talk to, this process of figuring it out or discovering, right, understanding what we have. You know, we've got a number of tools now that you actually go out and they'll tell you, you know, take shadow AI, for instance, what everybody in your company is using, what data they're using, and that in and of itself kind of becomes a big opportunity builder because most don't have that kind of data. And, you know, we've said, I think as others have, you can't govern and manage what you can't see. So that's a big part of, you know, the process in building out this comfort level, if you will, for people who are interested in solving the problem.
Mark McClain, CEO
Yeah, and, Jonathan, the only thing I'd add to Matt's point there is, you know, the all non-agentic part of non-human, that's clear, right? In other words, there's all these machines and service accounts and bots and all that stuff. So there's already risk associated with that that people, I think, are attuned to. What we believe is as agentic starts to really take off, there's a huge tie to those kinds of capabilities in the agentic world, meaning agents are going to be leveraging service accounts and other technologies to do their work to access data. And so not only is there a big unsolved problem today in pure non-human pre-agent, if you will, But that problem with all the other types of non-human is going to get much more difficult in the context of an exploding agent usage problem, because all those agents are leveraging all those other non-human types of technologies to do their work. So it's both an existing unsolved problem, pre-agent, if you will, and now it's going to get escalated as agents leverage all those other non-human identities to do their work.
Meta Marshall, Analyst — Morgan Stanley
Helpful. Thank you. You bet.
Operator
And our next question will come from the line of Gabriela Horses of Goldman Sachs. Gabriela, your line is open.
Gabriela Borges, Analyst — Goldman Sachs
Hi, good morning. Thank you. I think this one is from Matt. There is some really interesting commentary about self-sending field teams to customers, a combination of AI experts, security experts, architecture experts. My question for you is how much are you noticing heterogeneity versus homogeneity in how customers are approaching the agentic problem, meaning are you finding that customers are looking at all – because they're looking at all kinds of different ways to solve the agentic problem, they end up having to maybe customize some of the sale point offerings that you need to problem solve with them more because every customer is sort of a unique animal. Maybe just talk a little bit about whether you're seeing consensus on different types of agentic strategies or whether it still feels like the Wild West out there.
Mark McClain, CEO
I'll jump in and let Matt add to that, Gabriel. Well, look, I think what we're seeing is in the type of large, complex enterprises we have traditionally excelled at serving, they are going to have a plethora of different types of agents. They're going to have the vended agents from all the big names you'd expect, the service nows, the sales forces, the work days, et cetera, and they're going to have a lot of bespoke agents that they're developing internally uniquely for their environments, and therefore, and they're going to develop some in their AWS environments, and they probably already have other hyperscaler environments like Azure in their environment. These big shops are almost never homogenous in any way, shape, or form about technology. And that complexity, that heterogeneity is why a platform like our agentic fabric is so attracted to them because it says we can give you a single comprehensive view of all of that agentic world, no matter where it's come from, whether it's come from vendors or your own development across various different environments, that's what they're attracted to. What they're actually focused on varies customer to customer, frankly. And you're right, it is the classic enterprise challenge of every customer is kind of a snowflake, not to confuse it with the company's snowflake. It's just a, you know, unique, you know, configuration of technologies in every one of these shops, and that's why a kind of cross-platform will handle whatever you've got. And as Matt and I have been saying, in the context of your human identities, it's such a unique value prop to these customers. I think it's why they're pretty excited about engaging in these workshops and trying to understand how to solve the problem comprehensively.
Matt Mills, Other
Yeah, I would just add, you know, if you listen to Chandra, right, he'll tell you that our platform really is that aggregation point of all things context-wise from an identity perspective. So we talk a lot about bring your own endpoint, bring your own discovery. We'll take all that in, as Mark said, because there is a huge amount of diversity in each of these. You get into some of these larger enterprises, right? So, I mean, that's our objective, to become that gathering point for all of this type of context and bringing it together in the form of identity.
Gabriela Borges, Analyst — Goldman Sachs
Thank you for the do so.
Operator
And we do have time for one more question. Our last question will be coming from the line of Junaid Siddiqui of Truist. Your line is open.
Meta Marshall, Analyst — Morgan Stanley
Thank you for taking my question. You know, as the number of agents proliferate in an enterprise, you know, there's this concern that's going to potentially reduce the number of human seats. So are you seeing any pressure on seat expansion or consolidation within your install base or seeing any increasing seat-based pricing scrutiny and optimization efforts across the enterprises?
Matt Mills, Other
Yeah, this is Matt. Look, I think there's always talk, right? And just based on all the headlines and all the media, there's always talk about seat compression. I don't know that we've seen much. I think the thing you have to remember is that when you think about all the different contracts that are out here in these companies, they're all seat-based, right? And all the procurement people, that's their point where they recognize how this thing all works. So, you know, I think the seat-based pricing is going to continue to be around. I don't necessarily think it's going to fall off the chart here anytime soon. It's kind of what we've used as an anchor. I think a lot of others are kind of going down that path. But, you know, to your point, we haven't really seen a big reduction in, you know, states or humans at this point.
Brian Carolan, CFO
And the opportunity coming from the non-humans far outweighs any kind of deceleration we would see in the human identities.
Scott Schmitz, Head of Investor Relations
Great. Thank you so much.
Operator
And I would now like to turn the call back to Mark for closing comments.
Mark McClain, CEO
Well, thank you, everyone. Appreciate you joining the call, T. I think if we'd leave you with a closing thought, it's that we are still in the very early innings of this agentic revolution, particularly how companies think about the security aspect of it. And, you know, we've got a good, healthy, growing business, especially with a little bit of that effect almost, you know, kind of down the fairway of where we've been, really, on many respects. But we're signaling as clearly as we can that we see significant momentum building. And to the question many of you have asked we do think that will start showing up in the numbers we are excited for that potential and we'll try to reflect that as appropriate in future guidance as it makes sense but for now we feel very good about our positions competitively and how customers are reacting to the story so we'll keep you posted as things continue to evolve but thanks again and
Operator
this concludes today's conference call thank you for participating you may now I'll disconnect.