New framework helps enterprises answer defining questions to secure the agentic era
Customers can leverage Okta for AI Agents, generally available (GA) April 30, 2026, to implement this framework
Okta, Inc., the leading independent identity partner, announced a new blueprint for the secure agentic enterprise to help every organization answer three critical questions for the agentic era: where are my agents, what can they connect to, and what can they do? To help customers implement this framework, Okta is delivering Okta for AI Agents, a comprehensive platform to discover and register known and unknown AI agents, standardize agent access, and instantly revoke access to mitigate the impact of rogue agent behavior.
“AI agents are evolving faster than any software before them, making traditional security models obsolete. Speed is now a given, but security is the differentiator,” said Ric Smith, President of Products & Technology, Okta. “With this new blueprint, Okta is establishing the industry standard for the secure agentic enterprise. We enable companies to discover shadow agents, secure connection points, and maintain the ultimate ‘kill switch’ to protect their enterprise from evolving risks.”
Why it Matters
Within the last six months, the stakes for AI security have grown exponentially, with more powerful agents emerging that pose significant risks if compromised. For example, superagents like OpenClaw can now operate directly on users’ machines, executing terminal commands, accessing the file system, transferring data between applications, maintaining long-term memory, and autonomously performing complex workflows. The models agents run on have also evolved and can spawn teams of ephemeral agents to perform specialized tasks.
AI agents are challenging traditional identity security practices built for predictable human behavior. Recent research shows that while 88% of organizations report suspected or confirmed AI agent security incidents, only 22% of organizations treat AI agents as independent, identity-bearing entities. To secure non-deterministic agents, organizations need a new approach.
The Blueprint for the Secure Agentic Enterprise Starts with Okta for AI Agents
Available on April 30th, 2026, Okta for AI Agents is the first and best implementation of the blueprint to answer the three critical questions to become a secure agentic enterprise.
Where are my agents? Organizations must identify all known and unknown agents in their environments, including sanctioned platforms managed by IT and unsanctioned “shadow” agents created by employees. Okta’s capabilities help organizations onboard agents from major agent platforms, future-proofing their investments and insulating them from vendor lock-in. They also enable the detection of unsanctioned “shadow agents” and the registration of agents—whether facing employees, customers, or partners—as first-class identities. Supporting features include:
- Agent Integrations in the Okta Integration Network (OIN): Okta is extending its catalog of 8,200+ integrations to include dedicated support for popular AI agent platforms, such as Boomi, DataRobot, and Google Vertex AI. Teams can import agents and register them as fully governed identities, providing central visibility into where AI agents are and assigning clear human ownership.
“Securing the agentic enterprise will require industry-wide collaboration,” said Carl Siva, Chief Information Security Officer, Boomi. “By combining Boomi’s expertise in agentic connectivity and modern integration with Okta’s identity leadership, we are delivering a unified security and governance layer that helps organizations harden their security posture while maintaining auditable visibility into every agent’s actions. Together, Boomi’s Agentstudio and Agent Control Tower with Okta for AI Agents enable teams to build and deploy agents faster—without compromising governed security controls.”
“If an AI agent has the power to act, it must have an identity. DataRobot has always been built for the enterprise that can’t afford to get AI wrong,” said Venky Veeraraghavan, Chief Product Officer, DataRobot. “This integration brings together the DataRobot Agent Workforce Platform and Okta for AI Agents, allowing our customers to build an agentic workforce with the rigorous identity standards that Okta is known for, and the confidence to scale from the lab to the front lines.”
- Shadow AI agent discovery: IT and security teams can automatically detect when employees connect AI agents to enterprise applications. This capability provides full visibility into an agent’s granted scopes and potential blast radius, providing a comprehensive remediation plan that registers the agent, assigns a human owner, and applies baseline security policies.
- Universal Directory: Okta is expanding its Universal Directory to treat AI agents as first-class, non-human identities. It provides a single, searchable directory for autonomous entities in the enterprise, ensuring that every agent has a defined lifecycle from onboarding to decommissioning.
What can agents connect to? Enterprises must centrally control every MCP, tool, app, API, and database an agent interacts with. This requires managing access tokens for each transaction and enforcing policy decisions at machine speed. Supporting features include:
- Agent Gateway: Agent Gateway serves as a centralized control plane to secure AI agent access to resources. Its virtual MCP server capability allows administrators to aggregate and expose tools from Okta’s MCP registry. All interactions between AI agents and resources are logged for audit and observability.
- Privileged Credential Management: Agent credentials can be vaulted and automatically rotated through a secure vault, preventing credentials from appearing in plain text or logs while maintaining a complete audit trail.
- API Access Management: AI agents can connect to an authorization server to enforce least-privilege with dynamic evaluation based on identity, context, and risk, ensuring consistent controls and preventing unauthorized lateral movement.
What can agents do? True security requires the ability to authorize individual tool calls using context and intent clues. Organizations will need to leverage shared risk signals to immediately revoke agentic access and prevent lateral movement. Supporting features include:
- Universal Logout for AI Agents: If an agent deviates from its intended mission or accesses sensitive data unexpectedly, Okta can instantly revoke all access tokens. This “kill switch” deactivates the agent’s access across the entire enterprise ecosystem to contain risk.
- Governance for Agents as a Resource: By bringing agents acting on behalf of users into standard certification workflows, organizations can maintain full control over who has access to AI agents. This enables automated access reviews, assignment of human owners, and enforcement of policies to help ensure agents retain only the permissions they need, with a comprehensive audit trail of their actions.
- System logs: Agent activity, including tool calls, authorization decisions, and access attempts, can be logged and sent to an organization’s SIEM. This provides the visibility needed to support runtime enforcement and universal logout.


