Only 34% of organizations apply the same security controls to AI agents that they apply to human workers, even as 92% of executives report moderate or widespread agent deployment. Okta is trying to close that gap through an expanded partnership with Google Cloud announced this week. The deal pairs Okta's identity layer with Google's Gemini Enterprise Agent Platform and Chrome Enterprise, targeting two problems: AI agents operating without governance and browser-based session hijacking attacks that rose 127% year-over-year.
Developers get immediate access to an integration connecting Auth0 for AI Agents to the Gemini Enterprise Agent Platform Runtime. Five features ship in this release: user authentication that restricts agent activation to verified users, a Token Vault that stores and refreshes OAuth tokens so agents can act on a user's behalf, human-in-the-loop approval checkpoints for high-risk actions, Fine-Grained Authorization that limits agents to actions their human owner is permitted to take, and authentication for any Model Context Protocol server.
A second integration, billed as coming soon, will connect Okta for AI Agents to the Gemini Enterprise Agent Platform for centralized visibility. The goal is to let companies import agents into a central directory, link each one to a human owner, and route requests through the Google Agent Gateway, which delegates real-time authentication back to Okta.
"Organizations shouldn't have to choose between the AI and productivity tools their teams want and the security their business requires," said Okta Chief Product Officer Ely Kahn. On the browser side, the companies are adding real-time threat response. Chrome Enterprise Universal Enrollment, available through the Okta Integration Network, lets IT teams push enterprise policies to managed Chrome profiles on any device without syncing identity to Google.
Okta also integrated its Device Assurance signals with the Chrome Device Trust Connector, allowing Chrome to block logins when a device's antivirus is disabled or out of date. The most notable browser security addition is support for Device Bound Session Credentials, an open standard that cryptographically ties a session to a single device.
Okta worked with Google as a design partner on the standard, which makes stolen cookies useless on another machine. That directly addresses the 127% surge in session hijacking attacks.
Google Cloud's Vineet Bhan, Director and Global Head of Security and Identity ISV Partnerships, said securing the AI-powered enterprise requires an identity layer operating across core platforms. The integrations let customers deploy AI agents in production, govern how those agents interact with critical systems, and maintain protection at the browser level.
"Together with Okta, we're extending that foundation across Google Cloud."
The expanded partnership follows Okta's broader push to position agent identity as a distinct category. The company launched Okta for AI Agents in April and opened its agent platform to rival identity providers in May, signaling an approach that avoids locking customers into a single ecosystem.
Okta cited research showing 62% of IT leaders view vendor lock-in as a strategic risk.
