Okta, Inc., the leading independent identity provider, has introduced new enhancements to the Okta and Auth0 platforms designed to help organizations securely build and manage AI agents. The innovations enable these agents to integrate seamlessly into an identity security fabric, delivering complete lifecycle management and protection against AI-driven fraud.
Why It Matters
AI adoption is accelerating, with 91% of enterprises already deploying AI agents. While these technologies promise significant efficiency gains, they also open the door to misconfigurations, identity risks, and AI-powered fraud. Despite the growing reliance on non-human identities, only 10% of organizations currently have strategies in place to manage them.
Cyber Technology Insights : Pure Storage Expands Cyber Resilience Through New Innovations and Deeper Partnerships
Recent incidents, including compromised AI hiring tools that exposed sensitive applicant data, highlight the urgent need for purpose-built identity security. Without unified controls, legacy architectures leave organizations vulnerable to impersonation, deepfakes, and unauthorized access at machine speed. Analysts predict that by 2027, identity fabric immunity will prevent up to 85% of new attack attempts.
“AI is reshaping the workplace faster than enterprises can adapt. Poorly managed agents highlight the risks of piecemeal identity approaches,” said Kristen Swanson, SVP of Design and Research at Okta. “Our new capabilities weave AI agents into a unified identity fabric, enabling organizations to reduce their attack surface and establish industry-wide security standards.”
Okta for AI Agents: Full Lifecycle Security
The newly announced Okta for AI Agents integrates agents into the identity fabric for visibility, control, and governance. With phased rollouts beginning in FY27, the solution will offer:
- Discovery & Risk Detection – Identity Security Posture Management (ISPM) surfaces risky agents, API keys, and OAuth tokens.
Cyber Technology Insights : BlueVoyant and Auto-ISAC Partner to Elevate Third-Party Cyber Risk Management
- Provisioning & Registration – Universal Directory assigns risk scores and ownership to non-human identities.
- Dynamic Access Controls – Security policies enforce least privilege principles. The new Cross App Access (XAA) protocol standardizes secure connections between AI agents and applications, while Okta Privileged Access (OPA) manages static credentials.
- Governance & Monitoring – Okta Identity Governance (OIG) ensures full audit trails, while Identity Threat Protection with Okta AI (ITP) applies behavioral analytics to spot anomalies and automate remediation.
Cross App Access: Securing Agent-to-App Interactions
Okta has also introduced Cross App Access (XAA), an extension of OAuth that secures agent-driven and application-to-application interactions. XAA centralizes policy-based access management, reduces user friction, and enables real-time visibility across systems.
The protocol has gained support from major technology players including AWS, Salesforce, Google Cloud, Boomi, Box, Miro, Grammarly, Glean, Automation Anywhere, and WRITER.
Salesforce SVP of Product Marla Hay commented: “As enterprises scale their use of AI, securing agentic workflows is critical. We’re excited to collaborate with Okta and bring its identity insights into Salesforce Security Center to help organizations strengthen their posture.”
Glean’s CISO Sunil Agrawal added: “Our mission is to empower AI agents to act responsibly on behalf of users. XAA sets the stage for standards-based security that makes this vision possible.”
Cyber Technology Insights : PCI Pal Announces Appointment of New Chief Information Security Officer
To participate in our interviews, please write to our CyberTech Media Room at sudipto@intentamplify.com
