Okta Introduces Cross App Access to Help Secure AI Agents in the Enterprise

Okta partners with ISVs to establish a new open protocol that securely manages how AI agents interact across systems

Okta, Inc, the leading independent identity partner, today announced Cross App Access, a new protocol to help secure AI agents. As an extension of OAuth, it brings visibility and control to both agent-driven and app-to-app interactions, allowing IT teams to decide what apps are connecting and what information AI agents can access.

Also Read: Agentless AI and Software Engineering: Automating Problem Resolution with Zero Overhead

Why it Matters:

• More AI tools are using protocols like Model Context Protocol (MCP) and Agent2Agent (A2A) to connect their AI learning models to relevant data and apps within the enterprise. However, for connections to be established between agents and apps, such as Google Drive or Slack, users need to manually log in and consent to grant the agent access to each integration.
• These app-to-app connections occur without oversight, with IT and security teams having to rely on manual and inconsistent processes to gain visibility. This creates a big blind spot in enterprise security and expands an increasingly unmanaged perimeter.
• This challenge will be amplified with the explosion of AI agents, which are introducing new, non-deterministic access patterns, crossing system boundaries, triggering actions on their own, and interacting with sensitive data.
• Today’s security controls aren’t equipped to handle their autonomy, scale, and unpredictability. Existing identity standards are not designed for securing an interconnected web of services and applications in the enterprise – and while MCP improves transparency and communication between agents, it doesn’t help manage access.

“While we’re actively working with the MCP and A2A communities to improve AI agents’ functionality, their increased access to data and the explosion of app-to-app connections will create new identity security challenges,” said Arnab Bose, Chief Product Officer, Okta Platform at Okta. “With Cross App Access, Okta is excited to bring oversight and control to how agents interact across the enterprise. Since protocols are only as powerful as the ecosystem that supports them, we’re also committed to collaborating across the software industry to help provide agents with secure, standardized access to all apps.”

What we’re introducing – Cross App Access

Okta, working with industry leading ISVs, is launching Cross App Access to help ISVs deliver secure, enterprise-ready integrations in an AI-powered world. Anticipated to be available for select Okta Platform customers as a feature in Q3 of this year, it will enable ISVs’ enterprise customers to better connect their AI tools to other apps and data, deliver more seamless experiences for the end user by removing repetitive authorization consent screens, and manage agent access for better security and compliance.

For example, an AI tool may need to access an internal communication app to retrieve information or take action on a user’s behalf. Without Cross App Access, the user must log into the AI tool via their company’s SSO and then manually approve each integration, logging into and consenting to the internal communication app separately. This process would then need to be repeated for other necessary applications, such as a file storage service or a project management application. Each consent and access is invisible to the enterprise customer.

With Cross App Access, the AI tool can instead request access to the internal communication app from Okta, which evaluates the request against enterprise policies and determines whether the tool is authorized to access that specific user’s internal communication app data. If permitted, Okta issues a token to the AI tool, which it presents to the internal communication app for validation. Once validated, the internal communication app provides access – all without additional user interaction, and under enterprise-defined security controls. The enterprise has visibility into when the AI tool accesses the internal communication app on behalf of the user.

Also Read: The Role of AI in Automated Dental Treatment Planning: From Diagnosis to Prosthetics

What challenges does this solve for ISVs?

ISVs face growing pressure to support secure, seamless cross-app experiences for their enterprise customers, but the underlying identity and access flows are often inconsistent, fragmented, and hard to scale. These integrations typically rely on risky token exchanges and user-granted access, leading to token sprawl and visibility gaps. As AI agents begin to autonomously connect across systems, this complexity and the risk only increases.

How Cross App access can help: Cross App Access enables ISVs to deliver secure, enterprise-grade integrations for AI agents and other autonomous systems, such as workflow automation tools. By shifting access control to the identity provider, like Okta, ISVs can reduce security risks, simplify integration complexity, and better support their customers’ compliance and governance needs.

What challenges does this solve for enterprises?

Integrating AI tools with existing data and systems presents significant hurdles. Many businesses currently rely on ad hoc methods like long-lived tokens and fragmented access controls, making these integrations inherently risky. AI adoption is being stalled by this lack of visibility and control over how agents access data across apps.

Beyond security, the user experience is also impacted when agents can’t act seamlessly on behalf of users, due to repetitive and outdated authorization flows.

How Cross App access can help: With Cross App Access, enterprises can enhance security and usability, empowering IT to manage agent access while enabling seamless, low-friction experiences for users. It supports secure interoperability between apps and AI systems, making it easier to adopt innovative ISV solutions without compromising oversight or performance.

[To share your insights with us, please write to psen@itechseries.com]