Okta Expands AI Agent Security 

Okta has extended Okta for AI Agents to support new agent ecosystems and any identity provider, and to govern access to any enterprise resource. New updates include support for non-Okta identity providers and an integration with Amazon Bedrock AgentCore, a fully managed generative AI service from Amazon Web Services (AWS); the integration provides identity lifecycle management for customers whose agents are built on AWS. Together, these capabilities help organisations discover, onboard, protect, and govern agents regardless of which agents they deploy, which identity platforms they own, or which resources they connect to.

“Security and IT leaders need a better way to understand where their agents are, what they can connect to, and what they can do,” said Ely Kahn, Chief Product Officer, Okta. “With AI agents being built on different platforms and being deployed across distributed environments, the agentic enterprise doesn’t fit into a single-vendor ecosystem. Okta for AI Agents is the neutral platform built to secure the full agent lifecycle, from initial discovery and onboarding to ongoing protection and governance.”

Shakeel Khan, RVP and Country Manager, Okta India, said, “AI agent deployment has outpaced governance by a significant margin, with 90% of enterprise agents over-permissioned and more than half accessing sensitive information. The visibility and control gap is real and growing. The Amazon Bedrock AgentCore integration addresses this directly: organisations building on AWS now have a governed identity layer for their agents, without rebuilding their existing stack to get there. Making governance as fast as development is what responsible AI adoption looks like in practice, and Okta’s expanding ecosystem spanning Salesforce Agentforce, ServiceNow, Google Vertex AI, and more makes that possible at scale.”

Why it matters:

By 2028, Gartner predicts that an average global Fortune 500 company will have over 150,000 agents in use. Yet, security and governance models are already falling short: 90% of enterprise agents are over-permissioned, and 53% of AI agents access sensitive information.

Enterprises need to maintain visibility and control over their sprawl of agents, ensuring they have governed identities, consistent access policies, and ways to shut them down.

The challenge is compounded by the pace of change across the AI landscape. Model leadership is constantly rotating, platform adoption patterns are shifting, and organisations using multiple platforms benefit from a unified identity layer that works across ecosystems. 

At the same time, most point solutions, such as a credential vault or a policy engine, secure only one part of the agent lifecycle. Enterprises need a vendor-neutral platform to secure every agent end-to-end.

Okta for AI Agents now integrates with Amazon Bedrock AgentCore to provide customers with identity governance capabilities for their agents, including ownership assignment, lifecycle management, and the ability to deactivate rogue agents. Key capabilities include:

  • AI Agent Discovery: Identify agents across an organisation’s environment, including those built on AgentCore, by monitoring for new OAuth consent grants on browsers.
  • AI Agent Import: Import agents from AgentCore directly into Okta via the Okta Integration Network (OIN) to allow for governance of agents within minutes.
  • AI Agent Registry: Register agents built on AgentCore as identities with a clear human owner and baseline governance policies from a centralised source of truth. 
  • Resource Connections: Define and securely enforce which resources AgentCore agents can access, which authentication method they use, and what scopes they receive.
  • User Access Requests and Certifications for AI Agents: Govern agents across their full lifecycle by automating workflows to request and certify user access to AI agents built on AgentCore.
  • Agent Deactivation: If an organisation needs to revoke an agent’s access, it can do so with a single action, supporting rapid incident response across the enterprise.
  • System Logs and Telemetry: Capture tool calls and authorisation decisions to maintain compliance and stream to a SIEM for rapid incident response.

These capabilities are platform-neutral. They work across different agent builders that Okta supports, including Salesforce Agentforce and ServiceNow AI Platform, with additional integrations for DataRobot, Boomi, Glean, Google Vertex AI, and Workday coming soon.

Okta for AI Agents works alongside non-Okta identity providers, giving organisations a purpose-built agent identity platform without requiring them to replace their existing human identity infrastructure. Customers can continue to use identity providers, such as Microsoft Entra ID, Ping, or others, as the system of record for human users, while Okta layers identity security for the full agent lifecycle. 

This gives organisations a single control plane to discover where their agents are, protect what they can connect to across SaaS apps, APIs, MCP servers, and other enterprise resources, and govern what they can do – without ecosystem lock-in or blind spots.
