Okta’s New Protocol Tackles the Security Blind Spot of AI Agents in the Enterprise
Cross App Access aims to bring security and oversight to AI agents navigating enterprise apps
Identity and security platform Okta is introducing a new protocol designed to protect organizations as they transition to an agentic future. Cross App Access is designed to minimize security risks as teams use these autonomous bots for work. The company claims it will remove the need for repetitive authorization consent screens and make agents more secure and compliant. Cross App Access is expected to be available sometime in Q3 2025.
As interoperability standards such as Anthropic’s Model Context Protocol (MCP) and Google’s Agent2Agent (A2A) gain widespread adoption, Okta states users are having to manually log in and consent to granting agent access to each app integration, such as Google Drive and Slack. Not only is it tedious, but it’s also inconsistent across apps. Moreover, IT teams lack visibility into when and how AI agents access sensitive data. There’s always a chance a malicious agent could infiltrate the workforce—we’ve already seen one case.
IT security isn’t equipped to deal with AI agents today, especially in terms of their autonomy, scale, and unpredictability. Okta believes Cross App Access could level the playing field, at least for now.
“With Cross App Access, Okta is excited to bring oversight and control to how agents interact across the enterprise,” Arnab Bose, Okta’s chief product officer for its platform, remarks in a statement. “Since protocols are only as powerful as the ecosystem that supports them, we’re also committed to collaborating across the software industry to provide agents with secure, standardized access to all apps.”
In the past, when an AI agent needed to access an internal app to retrieve information or complete a task, a human worker needed to log in to the bot using their organization’s Single Sign-On (SSO) and then manually approve each integration. Afterwards, they’d also have to do the same in the respective app and consent to the access.
With Cross App Access, however, the AI agent cuts out the middleman, so to speak: it requests access to the app from Okta, which evaluates the request against the enterprise’s policies to see if the agent has permission to access the app’s data. If the request is authorized, a token is issued for validation.
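The flow described above can be sketched as a toy broker. This is an added example, not Okta's protocol or API: the policy table, agent and scope names, and the HMAC token format are all constructed assumptions, chosen to show the policy check, the audit record and the app-side validation in one place.

```python
import base64, hashlib, hmac, json, time

# Constructed demo key. A real identity provider would sign with an asymmetric
# key so that apps can verify tokens without being able to mint them.
IDP_KEY = b"constructed-demo-key"
# Hypothetical enterprise policy: (agent, app) -> scopes the agent may be granted.
POLICY = {("notes-agent", "drive"): {"files.read"}}
AUDIT_LOG = []  # every decision is recorded, allowed or not

def _sign(body: str) -> str:
    mac = hmac.new(IDP_KEY, body.encode(), hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac).decode()

def idp_issue_token(agent, user, app, scope, now=None, ttl=300):
    """Identity-provider side: evaluate policy, log the decision, issue a token."""
    now = time.time() if now is None else now
    allowed = scope in POLICY.get((agent, app), set())
    AUDIT_LOG.append({"agent": agent, "user": user, "app": app,
                      "scope": scope, "allowed": allowed})
    if not allowed:
        return None
    # The token is bound to one app (aud), one scope and a short lifetime.
    claims = {"sub": user, "agent": agent, "aud": app,
              "scope": scope, "exp": now + ttl}
    body = base64.urlsafe_b64encode(json.dumps(claims).encode()).decode()
    return body + "." + _sign(body)

def app_validate_token(token, app, scope, now=None):
    """App side: accept only an untampered, unexpired token issued for this app."""
    now = time.time() if now is None else now
    try:
        body, sig = token.split(".")
        if not hmac.compare_digest(sig, _sign(body)):
            return False
        claims = json.loads(base64.urlsafe_b64decode(body))
    except (ValueError, AttributeError, TypeError):
        return False  # missing, malformed or undecodable token
    return (claims["aud"] == app and claims["scope"] == scope
            and claims["exp"] > now)
```

Because the decision is made centrally, a denied request leaves the same audit entry as a granted one, which is the visibility the article says IT teams currently lack.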
What the company is doing will be of interest to business leaders. However, it’s not the only one tackling an LDAP for bots. In May, Microsoft introduced something similar, called Entra Agent ID, in public preview. Okta’s advantage may be that it’s already working with leading software vendors to implement Cross App Access.