Okta Unveils New Features to Secure Non-Human Identities Including AI Agents

Okta has announced significant new capabilities for the Okta Platform designed to secure non-human identities such as AI agents, API keys, and service accounts. These enhancements arrive as organizations increasingly rely on digital workforces that operate alongside human employees, creating new security challenges that demand comprehensive protection.

The Rising Challenge of Non-Human Identity Security

As generative AI becomes more mainstream, the number of AI agents and non-human identities is expected to explode. According to Deloitte forecasts, half of all enterprises will implement some form of AI agents by 2027, with some organizations already utilizing hundreds or thousands of non-human entities.

These non-human identities often present significant security vulnerabilities:

• Static credentials that rarely change
• Lack of federation capabilities
• Absence of multi-factor authentication (MFA)
• Excessive permissions that make them attractive targets for attackers

Comprehensive End-to-End Security Features

To address these challenges, Okta is building a unified security foundation that seamlessly integrates across businesses to handle increasingly complex security environments and identity sprawl. The newly announced capabilities include:

Identity Security Posture Management (ISPM) and Okta Privileged Access

This end-to-end solution enhances detection, protection, and management for all non-human identities, including:

• AI agents
• Service accounts
• Shared accounts
• Emergency access identities
• API keys and access tokens
• Automation tools

Organizations can now govern AI-driven automation and machine-to-machine communications under zero-trust policies while continuously monitoring for risks and vulnerabilities.

Separation of Duties (SoD)

Now available in general availability preview, this feature prevents security risks and compliance violations that occur when users possess conflicting access privileges. It enforces SoD policies based on predefined business rules to:

• Strengthen fraud prevention
• Improve regulatory compliance
• Mitigate internal threats

Secure Device Features (Okta Device Access + Adaptive MFA)

This early access feature reduces risks from MFA fatigue attacks and credential theft by seamlessly integrating device context and hardware protection features for zero-trust access control. It works with other security tools to collect signals for access policy decisions and continuous risk assessment.

Secure Identity Integrations (SII)

Now generally available, this feature provides comprehensive security integration for critical business applications. Available as a collection within the Okta Integration Network (OIN), it enables advanced integration beyond SSO and lifecycle management for applications like:

• Google Workspace
• Microsoft 365
• Salesforce

This allows for user permission management, risk visibility, built-in remediation, and threat containment through Universal Logout functionality.

On-prem Connector

This early access feature provides a new standard connector that simplifies integration between on-premises applications and Okta Identity Governance, enabling fine-grained permission discovery, visibility, and management within Okta.

Securing the Digital Workforce

“As the new wave of generative AI emerges, companies are rapidly adopting AI agents. However, they often overlook the need to secure these systems and control non-human identity sprawl,” said Arnab Bose, Chief Product Officer for Okta Platform. “Okta Platform helps by integrating these non-human identities into the security foundation, ensuring the growing digital workforce is protected with the same rigor and care as human employees.”

Through these new features, Okta reinforces its strategy of centrally protecting and managing all identities—human and non-human—on a single platform. As AI becomes increasingly central to business operations, the importance of integrated identity security will only continue to grow.

About Okta

Okta is a leading independent identity provider that enables organizations to securely connect the right people to the right technology at the right time. With more than 7,000 pre-built integrations to applications and infrastructure providers, Okta provides simple and secure access to people and organizations everywhere. Over 18,000 customers, including JetBlue, Nordstrom, Slack, Takeda, and Teach for America, trust Okta to help protect the identities of their workforces and customers. Learn more at okta.com.