Okta Introduces Cross App Access to Secure AI Agents in Enterprise
Okta Inc. on Monday said it has created a new protocol to secure artificial intelligence (AI) agents to bring visibility, control and governance to agent-driven and app-to-app interactions.
The Cross App Access platform is especially important as more AI tools use protocols like Model Context Protocol (MCP) to connect their AI learning models to important data and apps within the enterprise. But in establishing connections agents like Google Drive and Slack, users need to manually log in and consent to grant the agent access to each integration.
Those app-to-app connections occur without oversight, however, and force IT and security teams to rely on manual and inconsistent processes to gain visibility, reporting and observability. This can lead to a big blind spot in enterprise security and expand an increasingly unmanaged perimeter, said Arnab Bose, chief product officer of Okta Platform.
“While we’re actively working with the MCP and A2A communities to improve AI agents’ functionality, their increased access to data and the explosion of app-to-app connections will create new identity security challenges,” Bose said in an interview. “With Cross App Access, Okta is excited to bring oversight and control to how agents interact across the enterprise.”
“The security ecosystem is keeping up to speed regarding AI largely because we have to,” Bose added.
The security challenge is likely to be amplified with the explosion of AI agents, which are introducing new, non-deterministic access patterns, crossing system boundaries, triggering actions on their own, and interacting with sensitive data. Some 82% of executives reported a pressing need to implement a robust AI governance solution, according to recent data commissioned by Prove AI and conducted by Zogby Analytics.
Cross App Access lets ISVs deliver secure, enterprise-grade integrations for AI agents and other autonomous systems such as workflow automation tools. By shifting access control to the identity provider, like Okta, ISVs can reduce security risks, simplify integration complexity, and better support their customers’ compliance and governance needs.
Integrating AI tools with current data and systems presents significant hurdles, Bose said. Many businesses rely on ad hoc methods such as long-lived tokens and fragmented access controls, making these integrations risky. Such methods have stalled AI adoption of agent access data across apps.
With Cross App Access, he said, enterprises can enhance security and usability, empowering IT to manage agent access while enabling seamless, “low-friction experiences” for users. It supports secure interoperability between apps and AI systems, making it easier to adopt innovative ISV solutions without compromising oversight or performance.
