Okta and Google Cloud have expanded their strategic partnership, building integrations that extend enterprise identity security to AI agents running on Google's Gemini Enterprise Agent Platform, and to browser-based work through Chrome Enterprise. The announcement landed at the Google Cloud London Summit on Wednesday.
The urgency behind it is statistical. Ninety-two percent of executives report moderate or widespread use of AI agents in their organisations; only 34% apply the same security controls to those agents as to human workers. Meanwhile, identity-based attacks — specifically session hijacking, where attackers steal post-authentication tokens stored in the browser — have risen 127% year-on-year. And 62% of IT leaders flag vendor lock-in as a strategic risk in how they build security architectures.
The first wave of integrations, available now, wires Okta's Auth0 for AI Agents into Gemini Enterprise Agent Platform Runtime. Developers building on that platform can use it to add user authentication to agent invocations, manage OAuth tokens inside a centralised Token Vault rather than scattering them across services, trigger human approval checkpoints before agents take sensitive actions, and apply fine-grained authorisation that limits what any given agent can do on a user's behalf. Support for securing MCP servers is also included, giving teams granular control over who accesses what via the Model Context Protocol.
A second integration, due later, will address the governance gap that emerges when enterprises run tens of thousands of agents: agents will be registered in a centralised directory with a verified identity and a named human owner, and authentication and authorisation requests to Google services will be delegated through Okta's policy layer in real time.
Okta's Chief Product Officer Ely Kahn said: "Organizations shouldn't have to choose between the AI and productivity tools their teams want and the security their business requires. Okta and Google are a natural fit because we pair Google's leading product suite with an identity layer that can work across the entire modern, AI-powered work stack."
The Chrome Enterprise element of the partnership addresses the browser as a primary threat surface. Okta and Chrome Enterprise are combining Universal Enrollment, enhanced Device Trust with real-time posture evaluation, and Device Bound Session Credentials — credentials that invalidate when browser protection is disabled or out of date — into a single policy-enforced work environment across both managed and unmanaged devices.
Vineet Bhan, Director and Global Head of Security and Identity ISV Partnerships at Google Cloud, said: "Securing the AI-powered enterprise requires a layer of identity security that operates seamlessly across the core platforms that power modern work. Together with Okta, we're extending that foundation across Google Cloud — so customers can confidently deploy AI agents in production, govern how they interact with critical systems, and maintain strong protection across the browser."
The security framing here matters. AI agents inherit the permissions of the identities they act on behalf of — and unlike human workers, they can be invoked at scale, across many systems, without a human pausing to check whether a given action is appropriate. The absence of centralised identity governance for agents is a structural risk that most enterprise security programmes haven't caught up with. This partnership is an attempt to close that gap at the platform level rather than leaving each organisation to solve it individually.
To stay across the latest in cloud, AI and enterprise tech analysis from Compare the Cloud, subscribe to our weekly newsletter at https://www.comparethecloud.net/newsletter
