Okta announced Cross App Access, a new open protocol built as an extension of OAuth to secure interactions between Artificial Intelligence agents and enterprise applications. The company positions the approach as a remedy for today’s opaque app-to-app connections and manual, inconsistent consent flows that leave IT and security teams with limited oversight. Cross App Access is designed to provide policy-based control and auditing of what tools connect, which data they can reach, and how access is granted at scale.
The launch comes as more Artificial Intelligence tools adopt protocols such as Model Context Protocol and Agent2Agent to tap enterprise data and services, introducing non-deterministic access patterns that cross system boundaries. Okta argues that existing identity standards and controls were not built for autonomous agents or the rising volume of app-to-app connections. While Model Context Protocol improves transparency and communication, it does not manage access, which is the gap Cross App Access aims to fill by shifting authorization decisions to the identity provider.
In a typical workflow outlined by Okta, an Artificial Intelligence tool requests access to an internal communication application through Okta, which evaluates the request against enterprise policies. If permitted, Okta issues a token that the Artificial Intelligence tool presents to the target application for validation. Once validated, the application grants access without additional user interaction, and the enterprise gains visibility into when the tool acts on a user’s behalf. The model removes repetitive consent prompts and reduces reliance on long-lived tokens while centralizing governance.
Okta is building Cross App Access with independent software vendor partners to help them deliver secure, enterprise-grade integrations in an Artificial Intelligence-powered environment. For ISVs, the protocol targets risky token exchanges, fragmented identity flows, and mounting compliance demands. For enterprises, it promises stronger security, better interoperability, and lower friction for end users when agents perform actions across file storage, project management, and communications tools. Okta expects Cross App Access to be available to select Okta Platform customers as a feature in the third quarter and is inviting ISVs to apply for early access.
