IT Brief India - Technology news for CIOs & IT decision-makers
India
Okta expands AI agent controls with Amazon Bedrock
SaaS Hybrid Cloud Digital Transformation

Okta expands AI agent controls with Amazon Bedrock

Mon, 18th May 2026 (Today)
Sofiah Nichole Salivio
SOFIAH NICHOLE SALIVIO News Editor

Okta has added support for Amazon Bedrock AgentCore to its Okta for AI Agents product and extended the offering to work with non-Okta identity providers.

The changes are designed to help organisations manage the identity, access and governance of AI agents across different platforms and enterprise systems.

The Amazon Bedrock AgentCore integration gives customers a way to manage agent identities built on Amazon Web Services through ownership assignment, lifecycle controls and deactivation tools. The service can also discover agents by monitoring new OAuth consent grants in browsers and import agents from AgentCore through the Okta Integration Network.

Once registered, agents can be assigned a human owner and baseline governance policies in a central system. Organisations can also define which resources those agents may access, set authentication methods and determine the scopes they receive.

The product also includes workflow tools for user access requests and certification for AI agents. Customers can revoke an agent's access with a single action and capture system logs, tool calls and authorisation decisions for compliance and incident response.

Growing oversight

The move comes as companies face a sharp rise in non-human identities tied to AI deployments. Okta cited Gartner forecasts that an average global Fortune 500 company will have more than 150,000 agents in use by 2028, while noting that many existing security models are not designed to govern that scale.

Okta said 90% of enterprise agents are over-permissioned and 53% of AI agents access sensitive information. It argued that this increases the need for visibility into what agents exist, what they can connect to and what actions they are allowed to take.

Okta is positioning the product as a way to manage agents across mixed technology environments rather than within a single software ecosystem. The platform can work across different agent builders it already supports, including Salesforce Agentforce and ServiceNow AI Platform.

Support for non-Okta identity providers is the second part of the update. This allows organisations to keep existing systems such as Microsoft Entra ID or Ping for human user identities while using Okta to govern the lifecycle of AI agents.

In practice, this gives customers a separate layer for agent identity management without replacing their existing identity infrastructure for employees and other users. Okta said this creates a single control plane for discovering agents and managing access to software-as-a-service applications, APIs, MCP servers and other enterprise resources.

Ely Kahn, Chief Product Officer at Okta, said the spread of AI agents across different platforms has made single-vendor approaches less practical.

"Security and IT leaders need a better way to understand where their agents are, what they can connect to and what they can do. With AI agents being built on different platforms and deployed across distributed environments, the agentic enterprise doesn't fit into a single-vendor ecosystem. Okta for AI Agents is the neutral platform built to secure the full agent lifecycle, from initial discovery and onboarding to ongoing protection and governance," Kahn said.

APJ focus

Okta also highlighted demand from organisations in Asia Pacific and Japan, where businesses often run distributed technology estates while increasing their use of AI. It said this creates pressure to maintain oversight as agent deployments move from trials into operational use.

Stephanie Barnett, vice president of presales APJ at Okta, described the issue as part of a broader shift in identity management as non-human identities increase.

"We're seeing organisations rapidly deploying AI agents, often faster than their governance and security capabilities can handle. In some enterprises, non-human identities now outnumber human ones by as much as 45 to 1, which fundamentally shifts how we need to think about identity and access. This is especially critical in APAC, where many organisations are managing complex, distributed tech environments while scaling their AI use. The challenge isn't just securing human users anymore. You need visibility into what your AI agents can access, what actions they're permitted to take and how you maintain oversight as deployments grow. When organisations move from experimentation into operational use, they need a consistent way to govern AI agents across different platforms without introducing unnecessary complexity or vendor lock-in. Okta for AI Agents integrated with Amazon Bedrock AgentCore addresses this directly. It brings the visibility, accountability and control required to scale AI adoption with confidence," Barnett said.

The latest changes are available now.

Related stories
AI bots overwhelm identity controls in Australia & NZ
Google report warns identity is weak link in cloud
Saviynt adds Amazon Q AI tools to boost identity risk
AI surge exposes cloud security gaps, report warns
Cloud security skills gap widens as AI adoption surges
Top stories
Bedrock Data expands free Snowflake Cortex governance
emma launches GPU governance tools for cloud AI ops
Equipifi raises USD $34 million in Series B funding
Brivo launches AI-friendly API for security integrations
Sovereignty boosts enterprise AI returns, study finds