Okta Expands Okta for AI Agents with AWS AgentCore Integration, Any-IdP Support, and Enterprise Access Governance

Okta, Inc. (headquartered in San Francisco, U.S.), a provider of identity management services, today announced expanded capabilities for Okta for AI Agents to support new agent ecosystems, integrate with any identity provider (IdP), and enable access governance for enterprise resources. The update includes an integration with Amazon Bedrock AgentCore, Amazon Web Services’ (AWS) agent platform. This enables identity lifecycle management for AI agents built on AWS and introduces support for IdPs beyond Okta. With these capabilities, organizations can centrally discover, onboard, secure, and govern AI agents regardless of the types of AI agents they deploy, the identity platforms they use, or the resources those agents connect to. Ely Kahn, Chief Product Officer at Okta, said: “Security and IT leaders need better ways to know exactly where AI agents exist, what they connect to, and what they can do. Because AI agents are built on diverse platforms and deployed across distributed environments, agentic enterprises do not fit into a single-vendor ecosystem. Okta for AI Agents is a neutral platform built to secure the entire AI agent lifecycle, from initial discovery and onboarding to continuous protection and governance.” Background and significance According to Gartner, by 2028 the average global Fortune 500 enterprise is expected to use more than 150,000 AI agents. However, existing security and governance models are already reaching their limits: 90% of enterprise agents are over-permissioned, and 53% have access to sensitive information. Enterprises need to maintain visibility and control over the rapid growth of AI agents, ensuring managed identities, consistent access policies, and emergency shutdown mechanisms. This challenge is further complicated by the speed of change in AI. The model landscape is constantly shifting, and platform adoption patterns continue to evolve. For organizations using multiple platforms, a unified identity layer that works across ecosystems offers significant advantages. At the same time, many existing point solutions, such as credential vaults and policy engines, protect only part of the agent lifecycle. To secure AI agents end to end, enterprises need a vendor-neutral platform. Available today: Okta for AI Agents integrates with Amazon Bedrock AgentCore With the integration between Okta for AI Agents and Amazon Bedrock AgentCore, Okta provides identity governance capabilities for AI agents, including owner assignment, lifecycle management, and deactivation of unauthorized AI agents. Key capabilities include: AI Agent Discovery: Identifies AI agents in an organization’s environment, including those built with AgentCore, by monitoring new OAuth authorization grants in the browser. AI Agent Import: Imports agents directly from AgentCore into Okta through the Okta Integration Network (OIN), allowing governance to begin within minutes. AI Agent Registry: Registers AI agents built with AgentCore as identities in a trusted single source of truth, linking them to clear human owners and baseline governance policies. Resource Connections: Defines and securely enforces the resources AgentCore agents can access, the authentication methods they use, and the scopes they are granted. User Access Requests and Certifications for AI Agents: Automates request and approval workflows for user access to AI agents on AgentCore and manages the full lifecycle. Agent Deactivation: Enables rapid bulk deactivation when access must be revoked, accelerating enterprise-wide incident response. System Logs & Telemetry: Records tool calls and authorization decisions to maintain compliance and streams them to SIEM systems for faster incident response. These capabilities are platform-independent and support a range of agent builders supported by Okta, including Salesforce Agentforce and ServiceNow AI Platform. Integrations with DataRobot, Boomi, Glean, Google Vertex AI, and Workday are also planned soon. Available today: Okta for AI Agents supports any IdP Okta for AI Agents can be used alongside identity providers other than Okta. This allows organizations to deploy an identity platform dedicated to AI agents without replacing their existing identity infrastructure for humans. Customers can continue using existing IdPs such as Microsoft Entra ID and Ping as systems of record for human users, while using Okta for AI Agents to strengthen security across the full agent lifecycle. This gives organizations a single control plane to understand where AI agents are, secure their connections to SaaS applications, APIs, MCP servers, and other enterprise resources, and govern their behavior while avoiding ecosystem lock-in and blind spots. Note: Solutions, features, certifications, or other items described in this article that are not currently generally available or have not yet been obtained may not be delivered as scheduled or at all. Okta has no obligation to provide them, and purchasing decisions should not rely on them. About Okta Okta is The World’s Identity Company™. Okta secures AI, machine, and human identities, enabling everyone to safely use any technology. Its customer and workforce solutions help companies and developers protect their AI agents, users, employees, and partners while driving security, efficiency, and innovation. To learn why the world’s top brands trust Okta for authentication, authorization, and identity management, visit: https://www.okta.com/ja-jp/