Okta teams up with Google Cloud to secure the AI-powered workforce

<_p3d_22_22_>Okta and Google Cloud are expanding their strategic partnership to bring together best-of-breed identity, cloud, and productivity solutions that help joint customers strengthen security and resilience across their AI-powered workforce. Through new integrations between Okta and Gemini Enterprise Agent Platform and Chrome Enterprise, the companies are extending enterprise-grade security and identity governance to AI agents while protecting users, access, and devices across browser-based work.\r\n

With enterprises deploying more AI agents and embedding AI into everyday workflows, they need the ability to secure and govern agents in a similar way to how human identities are managed today. At the same time, organizations must evolve their internal security architectures to reflect that modern work is increasingly browser-based. The urgency is reflected in today's landscape:

\r\n

• \r\n

• Modern work is evolving quickly as AI becomes a routine part of the workplace, with 92% of executives (1) reporting moderate or widespread use of AI agents, yet only 34% of organizations applying the same security controls to them as to human workers.

  \r\n
• \r\n

• Identity-based attacks, such as session hijacking, are surging, with a 127% year-over-year increase (2), as attackers steal the 'post-auth' session tokens stored in the browser.

  \r\n
• \r\n

• Platform flexibility and interoperability are growing concerns, with 62% of IT leaders viewing vendor lock-in as strategic risks (3).

  \r\n
• \r\n

\r\n

"Organizations shouldn't have to choose between the AI and productivity tools their teams want and the security their business requires," said Ely Kahn, Chief Product Officer, Okta. "Okta and Google are a natural fit because we pair Google's leading product suite with an identity layer that can work across the entire modern, AI-powered work stack."

\r\n

"Securing the AI-powered enterprise requires a layer of identity security that operates seamlessly across the core platforms that power modern work," said Vineet Bhan, Director and Global Head of Security and Identity ISV Partnerships, Google Cloud. "Together with Okta, we're extending that foundation across Google Cloud - so customers can confidently deploy AI agents in production, govern how they interact with critical systems, and maintain strong protection across the browser."

\r\n

Bringing enterprise-grade security and identity governance to AI agents

\r\n

Available now: Auth0 for AI Agents integrates with Gemini Enterprise Agent Platform Runtime to more securely move agents from pilot to production

\r\n

For customers building the next generation of applications on Gemini Enterprise Agent Platform Runtime. Auth0 for AI Agents provides the secure identity layer needed to move from pilot to production fast. Auth0 for AI Agents integrates with Gemini Enterprise Agent Platform Runtime to help developers embed enterprise-grade identity and access controls into their workflows, reducing the burden of custom coding, with features such as:

\r\n

• \r\n

• User authentication: Verify that only authenticated users can invoke an agent.

  \r\n
• \r\n

• Token Vault: Securely connect agents to third-party and downstream services by storing, managing, and refreshing OAuth tokens within a Token Vault, enabling agents to safely act on a user's behalf.

  \r\n
• \r\n

• Human-in-the-loop workflows: Trigger human approval checkpoints for sensitive or high-risk actions, so agents can continue working in the background while users remain in control.

  \r\n
• \r\n

• Fine-Grained Authorization (FGA): Verify that Gemini Enterprise Agent Platform Runtime agents perform only the specific actions a user is permitted to take, helping prevent overprivileged behavior and better protect sensitive data.

  \r\n
• \r\n

• Auth for MCP: Add authentication and authorization to any MCP server, giving users granular control over exactly who gets access and what they can do.

  \r\n
• \r\n

\r\n

Coming Soon: Okta for AI Agents and Gemini Enterprise Agent Platform help secure AI agents with centralized visibility and policy control

\r\n

As enterprises scale to tens of thousands of agents, a lack of visibility leads to dangerous identity blind spots, while fragmented policy enforcement creates governance risks. That combination makes it difficult to answer some of the questions that map back to the blueprint for the secure agentic enterprise: Where are my agents? What can they connect to? And what can they do?

\r\n

Okta for AI Agents and Gemini Enterprise Agent Platform will integrate to help ensure agents are created with a verified identity, tied to a human owner, and access is governed by centralized enterprise policies. Integrations include:

\r\n

• \r\n

• AI Agent Import & Registry: For agents built on the Gemini Enterprise Agent Platform, Okta for AI Agents will enable continuous importing and registration in a centralized directory. This allows every agent to be linked to a human owner, maintaining accountability.

  \r\n
• \r\n

• Okta Policy Enforcement via the Google Agent Gateway: As external agents interact with Google services, Google Agent Gateway, within Gemini Enterprise Agent Platform, will act as the enforcement point, delegating real-time authentication and authorization to Okta for AI Agents. This helps ensure every request-human or agent-is governed by a single set of enterprise policies all managed within Okta.

  \r\n
• \r\n

\r\n

Learn more about how Okta and Google Cloud are securing identity for the AI-powered workforce.

\r\n

Strengthening security across the modern work stack

\r\n

Available now: Okta and Chrome Enterprise bring real-time threat response to the browser

\r\n

With the browser now serving as the primary environment for SaaS and AI-enabled work, it's key that IT and security teams prioritize safeguarding the browser layer. Organizations face threats such as session hijacking and credential theft, while malicious extensions and unmanaged browsing activity can create new risks and visibility gaps. Together, Okta and Chrome Enterprise are turning the browser into a policy-enforced work environment, protecting apps, data, and AI use on both managed and unmanaged devices without disrupting work. Features include:

\r\n

• \r\n

• Chrome Enterprise Universal Enrollment: Available through the Okta Integration Network, Universal Enrollment enables IT teams to enforce enterprise-grade policies through managed Chrome profiles on any device, whether managed or unmanaged, without requiring identity synchronization to Google.

  \r\n
• \r\n

• Device Trust Enhancements: Okta integrates Device Assurance with the Chrome Device Trust Connector to evaluate browser and device posture in real time before granting access to an Okta-protected application. New antivirus (AV) signals allow Chrome to block logins at the browser level if a device's AV is disabled or out of date.

  \r\n
• \r\n

• Extensible SSO for macOS: Chrome now officially supports Apple's Extensible Single Sign-on (SSO) on macOS with support for Okta as the identity provider. Chrome now enables users to better leverage Okta FastPass and Okta Device Access for a more seamless sign-in experience across applications.

  \r\n
• \r\n

• Support for Device Bound Session Credentials (DBSC): Okta worked with Google as a design partner on DBSC, an open standard that cryptographically binds a session to a specific device via the Chrome browser, and implemented support in the Okta End-User Dashboard. While Multi-Factor Authentication (MFA) protects the login process, DBSC prevents attackers from hijacking sessions by helping ensure that on supported apps, successfully exfiltrated cookies cannot be used on another device.

  \r\n
• \r\n

\r\n

Learn more about how Okta and Chrome Enterprise are securing the browser.

\r\n

1. AI Agents at Work 2026, Okta, 2026.
\r\n 2. Session Hijacking: How It Works & How to Stop It, Obsidian, February 2026.
\r\n 3. Managing the Evolving Dynamics of Digital Platform Lock-In, BCG, November 2025.

\r\n

*Any mention in this article of solutions, features, functionalities, certifications, authorizations, or attestations that are not currently generally available or have not yet been obtained may not be delivered or obtained on time or at all. We assume no obligation to deliver on such items and you should not rely on them to make your purchase decisions.

\r\n"}}" id="text-17dc40b3a9" class="cmp-text rte-content">

Okta and Google Cloudopens in a new tab are expanding their strategic partnership to bring together best-of-breed identity, cloud, and productivity solutions that help joint customers strengthen security and resilience across their AI-powered workforce. Through new integrations between Okta and Gemini Enterprise Agent Platform and Chrome Enterprise, the companies are extending enterprise-grade security and identity governance to AI agents while protecting users, access, and devices across browser-based work.

With enterprises deploying more AI agents and embedding AI into everyday workflows, they need the ability to secure and govern agents in a similar way to how human identities are managed today. At the same time, organizations must evolve their internal security architectures to reflect that modern work is increasingly browser-based. The urgency is reflected in today's landscape:

• Modern work is evolving quickly as AI becomes a routine part of the workplace, with 92% of executives (1) reporting moderate or widespread use of AI agents, yet only 34% of organizations applying the same security controls to them as to human workers.

• Identity-based attacks, such as session hijacking, are surging, with a 127% year-over-year increaseopens in a new tab (2), as attackers steal the 'post-auth' session tokens stored in the browser.

• Platform flexibility and interoperability are growing concerns, with 62% of IT leaders viewing vendor lock-in as strategic risksopens in a new tab (3).

"Organizations shouldn't have to choose between the AI and productivity tools their teams want and the security their business requires," said Ely Kahn, Chief Product Officer, Okta. "Okta and Google are a natural fit because we pair Google's leading product suite with an identity layer that can work across the entire modern, AI-powered work stack."

"Securing the AI-powered enterprise requires a layer of identity security that operates seamlessly across the core platforms that power modern work," said Vineet Bhan, Director and Global Head of Security and Identity ISV Partnerships, Google Cloud. "Together with Okta, we're extending that foundation across Google Cloud - so customers can confidently deploy AI agents in production, govern how they interact with critical systems, and maintain strong protection across the browser."

Bringing enterprise-grade security and identity governance to AI agents

Available now: Auth0 for AI Agents integrates with Gemini Enterprise Agent Platform Runtime to more securely move agents from pilot to production

For customers building the next generation of applications on Gemini Enterprise Agent Platform Runtime. Auth0 for AI Agents provides the secure identity layer needed to move from pilot to production fast. Auth0 for AI Agents integrates with Gemini Enterprise Agent Platform Runtimeopens in a new tab to help developers embed enterprise-grade identity and access controls into their workflows, reducing the burden of custom coding, with features such as:

• User authentication: Verify that only authenticated users can invoke an agent.

• Token Vault: Securely connect agents to third-party and downstream services by storing, managing, and refreshing OAuth tokens within a Token Vault, enabling agents to safely act on a user's behalf.

• Human-in-the-loop workflows: Trigger human approval checkpoints for sensitive or high-risk actions, so agents can continue working in the background while users remain in control.

• Fine-Grained Authorization (FGA): Verify that Gemini Enterprise Agent Platform Runtime agents perform only the specific actions a user is permitted to take, helping prevent overprivileged behavior and better protect sensitive data.

• Auth for MCP: Add authentication and authorization to any MCP server, giving users granular control over exactly who gets access and what they can do.

Coming Soon: Okta for AI Agents and Gemini Enterprise Agent Platform help secure AI agents with centralized visibility and policy control

As enterprises scale to tens of thousands of agents, a lack of visibility leads to dangerous identity blind spots, while fragmented policy enforcement creates governance risks. That combination makes it difficult to answer some of the questions that map back to the blueprint for the secure agentic enterprise: Where are my agents? What can they connect to? And what can they do?

Okta for AI Agents and Gemini Enterprise Agent Platformopens in a new tab will integrate to help ensure agents are created with a verified identity, tied to a human owner, and access is governed by centralized enterprise policies. Integrations include:

• AI Agent Import & Registry: For agents built on the Gemini Enterprise Agent Platform, Okta for AI Agents will enable continuous importing and registration in a centralized directory. This allows every agent to be linked to a human owner, maintaining accountability.

• Okta Policy Enforcement via the Google Agent Gateway: As external agents interact with Google services, Google Agent Gatewayopens in a new tab, within Gemini Enterprise Agent Platform, will act as the enforcement point, delegating real-time authentication and authorization to Okta for AI Agents. This helps ensure every request-human or agent-is governed by a single set of enterprise policies all managed within Okta.

Learn more about how Okta and Google Cloud are securing identity for the AI-powered workforce.

Strengthening security across the modern work stack

Available now: Okta and Chrome Enterprise bring real-time threat response to the browser

With the browser now serving as the primary environment for SaaS and AI-enabled work, it's key that IT and security teams prioritize safeguarding the browser layer. Organizations face threats such as session hijacking and credential theft, while malicious extensions and unmanaged browsing activity can create new risks and visibility gaps. Together, Okta and Chrome Enterprise are turning the browser into a policy-enforced work environmentopens in a new tab, protecting apps, data, and AI use on both managed and unmanaged devices without disrupting work. Features include:

• Chrome Enterprise Universal Enrollment: Available through the Okta Integration Network, Universal Enrollment enables IT teams to enforce enterprise-grade policies through managed Chrome profiles on any device, whether managed or unmanaged, without requiring identity synchronization to Google.

• Device Trust Enhancements: Okta integrates Device Assurance with the Chrome Device Trust Connector to evaluate browser and device posture in real time before granting access to an Okta-protected application. New antivirus (AV) signals allow Chrome to block logins at the browser level if a device's AV is disabled or out of date.

• Extensible SSO for macOS: Chrome now officially supports Apple's Extensible Single Sign-on (SSO) on macOS with support for Okta as the identity provider. Chrome now enables users to better leverage Okta FastPass and Okta Device Access for a more seamless sign-in experience across applications.

• Support for Device Bound Session Credentials (DBSC): Okta worked with Google as a design partner on DBSC, an open standard that cryptographically binds a session to a specific device via the Chrome browser, and implemented support in the Okta End-User Dashboard. While Multi-Factor Authentication (MFA) protects the login process, DBSC prevents attackers from hijacking sessions by helping ensure that on supported apps, successfully exfiltrated cookies cannot be used on another device.

Learn more about how Okta and Chrome Enterprise are securing the browser.

1. AI Agents at Work 2026, Okta, 2026.
2. Session Hijacking: How It Works & How to Stop It, Obsidian, February 2026.
3. Managing the Evolving Dynamics of Digital Platform Lock-In, BCG, November 2025.

*Any mention in this article of solutions, features, functionalities, certifications, authorizations, or attestations that are not currently generally available or have not yet been obtained may not be delivered or obtained on time or at all. We assume no obligation to deliver on such items and you should not rely on them to make your purchase decisions.