Okta and Google Cloud are expanding their partnership with new integrations. The announcements focus on securing AI agents through Auth0 for AI Agents and Gemini Enterprise Agent Platform Runtime, and on improving browsersecurity through Chrome Enterprise.
For developers, there’s Auth0 for AI Agents with Gemini Enterprise Agent Platform Runtime. Okta launched the Okta for AI Agents platform in April, designed to discover AI agents, manage their access, and block them immediately when necessary. The new integration with Google Gemini Enterprise builds on that and offers what is referred to as “enterprise-grade” identity and access management for agents.
Auth0 for AI Agents Integration
The integration includes five features. User authentication ensures that only verified users can activate an agent. A Token Vault securely stores OAuth tokens so that agents can act on behalf of users. Human-in-the-loop workflows forward sensitive actions to an employee for approval. Fine-Grained Authorization (FGA) ensures that agents perform only actions for which a user is authorized. Finally, MCP authentication adds access control to MCP servers.
Taken together, these features should help bring agents into production faster—something organizations may already be doing without the desired security levels, or, if they do take IT security seriously, may not yet be able to do. Now, both parties should be able to take a secure yet rapid step toward true adoption.
Chrome Enterprise as a Security Layer
Okta and Chrome Enterprise are also introducing new capabilities to protect browsers against threats such as session hijacking and credential theft.
Chrome Enterprise Universal Enrollment enables IT teams to enforce enterprise policies through managed Chrome profiles on any device. Device Trust combines Okta Device Assurance with the Chrome Device Trust Connector to assess browser and device status in real time. Chrome now also supports Apple’s Extensible Single Sign-On (SSO) on macOS, with Okta as the identity provider.
Notably, support for Device Bound Session Credentials (DBSC) has been added. This open standard cryptographically binds sessions to a specific device. In this way, DBSC helps prevent session hijacking. Stolen cookies simply do not work on other devices.
“Organizations shouldn’t have to choose between the AI and productivity tools their employees want to use and the security the company needs,” said Ely Kahn, Chief Product Officer at Okta.
Okta and Google Cloud are continuing to work on integrations between Okta for AI Agents and the Gemini Enterprise Agent Platform to provide greater insight into agent usage and centralized access policies.