IT Brief Australia - Technology news for CIOs & IT decision-makers
Australia

Guides

#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things

Search

Digital illustration secure cloud environment with ai agents protecting data
#
Digital Transformation
#
Network Security
#
Cloud Security

Okta launches Cross App Access to boost AI security in firms

Today
Author image
By Jed Nykolle Harme, Editor

Okta has announced Cross App Access, a protocol designed to bring security, visibility, and control to the way AI agents interact with enterprise systems and applications.

The protocol, extending the capabilities of OAuth, provides IT teams with oversight over both agent-driven and application-to-application interactions within an organisation. Through Cross App Access, teams can manage which applications are connecting, and the types of information AI agents are permitted to use or access.

Security landscape

The introduction of Cross App Access comes amid increasing enterprise adoption of AI-powered tools, which often use communication protocols such as Model Context Protocol (MCP) and Agent2Agent (A2A) to connect learning models to organisational data and applications. In current practice, establishing these connections typically requires users to grant manual consents and login approvals for each integration, such as linking AI tools to platforms like Google Drive or Slack.

These processes frequently occur without clear oversight, leaving IT departments to handle access management through inconsistent manual methods. This situation, according to Okta, presents a security vulnerability that expands as the use of AI agents increases, creating what many describe as an unmanaged perimeter with limited visibility into agent and app activities.

Arnab Bose, Chief Product Officer, Okta Platform at Okta, described the changing risk landscape as both a technological and security challenge for organisations adopting AI agents at scale. He stated:

"While we're actively working with the MCP and A2A communities to improve AI agents' functionality, their increased access to data and the explosion of app-to-app connections will create new identity security challenges. With Cross App Access, Okta is excited to bring oversight and control to how agents interact across the enterprise. Since protocols are only as powerful as the ecosystem that supports them, we're also committed to collaborating across the software industry to help provide agents with secure, standardized access to all apps."

Technical approach

Cross App Access is aimed at software vendors that support enterprise customers, enabling them to facilitate secure integration between AI tools and other business applications. The protocol is set to become available as a feature for select Okta Platform customers in the third quarter.

In the typical workflow described by Okta, an AI tool needing access to an internal communication app would—under existing processes—require the end user to sign in and approve each integration individually. Each instance of authorisation is usually not visible to the IT team, limiting the ability to monitor or control access at the organisational level.

With Cross App Access, the workflow changes. The AI tool submits an access request to Okta, which then evaluates the request in line with company policies. If authorised, Okta issues a token to the AI tool, which presents it to the communication app for validation. The process is completed without further user interaction, and all interactions are logged and visible to enterprise IT.

Impact for software vendors

Independent software vendors (ISVs) are under pressure to create secure and seamless cross-application experiences. The complexities associated with current identity and access flows can lead to risks such as token sprawl and inconsistent user authorisations. These issues are compounded as AI agents increasingly initiate connections across disparate systems autonomously.

Okta states that the protocol will address these challenges by shifting access management and control responsibility from individual integrations to centralised identity providers. This could help reduce risks and help ISVs with customer compliance requirements.

Use by enterprises

Many organisations currently implement AI integrations through patchwork processes that use long-lived tokens and fragmented control systems, which, Okta notes, are inherently risky and often stall further AI adoption. Without an overarching management system, businesses risk losing visibility into how, when, and why AI agents interact with sensitive data.

From the end-user's perspective, repeated authorisation requests and outdated login flows can make adopting new AI-powered applications burdensome and inefficient.

Cross App Access aims to address these issues by allowing IT administrators to manage agent access centrally, providing both security improvements and more streamlined user experiences. Companies can then integrate new AI applications with existing business systems while meeting requirements for oversight, compliance, and governance.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Tata Consultancy opens three new European hubs for SDV growth
Reality check: Lenovo’s enterprise predictions for 2025 under the microscope
JFrog & TL Consulting boost APAC software supply chain security
Why privacy is everyone’s business in 2025 - and what you can do about it
ASIO’s declassified insights send powerful messages on protecting people, data centres, and buildings

Top stories

Lenovo climbs to eighth in 2025 Gartner Supply Chain Top 25
Alcatel-Lucent Enterprise adds PROFINET to boost IT-OT unity
Lenovo expands Hybrid AI Advantage for enterprise adoption
Exclusive: How Celonis is reshaping digital transformation journeys
Carnival Cruise Line, DXC partner to enhance IT globally