At the annual Oktane customer conference held in Las Vegas, Nevada, Identity and Access Management Expert Okta dramatically inflates his numbers when it comes to securing non-human identity (NHI) as the wave wave of artificial intelligence (AI) agents.
Among the announcements made today are new features on both the OKTA and Auth0 platforms, where suppliers say that users can seamlessly integrate AI agents into the identity security fabric.
A 2025 survey by OKTA revealed that 91% of organizations are already deploying agent AI in search of increased productivity, but only 10% of organizations currently have cybergovernance in place to manage agents think it's risky and fast.
Such risks are no longer theoretical. OKTA cited cases such as the current infamous violations that AI bots were built on the paradox AI platform and used by fast food giant McDonald's in the recruitment process.
Okta CEO Todd McKinnon compared unleashing AI agents about an organization's environment with creating many individual new insider threats.
“AI agents are a powerful new type of identity. They can act independently and on their behalf, either on their behalf, or on behalf of users, teams, or companies,” says McKinnon. “They have access to tools, apps, or data and can plan or complete tasks themselves. The pace of innovation here is absolutely fantastic.
“These AI agents and the possibilities here have become very powerful and very quickly.
“Without identity security, AI security will collapse. AI security is identity security and you cannot succeed on the one hand without the other,” McKinnon said.
Otta for agents
Officially launched today, the company's new OKTA for AI Agents Concept integrates AI agents into the identity security fabric to provide end-to-end security wrap.
Among other things, the service provides tools that allow agents to discover and identify risky or rogue shadows. It provides centralized management to manage agents, access, and broader security policies and automated governance to manage your overall security journey or “lifecycle.”
Notable among the features of the new package, Okta speaks of Cross App Access (XAA), an agent-driven protocol that protects application-to-application interactions. With support from partners like AWS, Box, Google Cloud and Salesforce, Okta said XAA will shift control from individual apps to a wider identity layer, bringing real-time visibility, policy-driven security, and secure agent integration.
“Everywhere, Enterprise is working on how to safely utilize AI with company data. Customers rely on unifying that knowledge and enhancing AI agents' actions that make sense.”
“Green agents act strictly on behalf of their users. They have no privileges. XAA further moves that principle and represents the next step to make AI agents more secure and seamless for connecting between systems.
added Kristen Swanson, Octa's Senior Vice President of Design and Research. “Modern businesses need an identity security fabric that can unify silos and reduce attack surfaces. Latest innovations leverage open standards such as cross-app access, which involves weaving agents into that fabric, managing the entire identity lifecycle, increasing the entire industry and creating a safer AI-powered ecosystem.”
Elsewhere in Oktane, Okta has announced verifiable digital credentials (VDCs). This is a new platform designed to reduce AI-powered fraud and potential friction during employee onboarding or other similar processes, allowing organizations to digitally prove their user identity and eligibility and establish ongoing trust.
