Blab AI
Okta and Google Cloud Expand Partnership to Secure AI Agents and Browser-Based Work
In a bid to harden identity security for automated enterprise workflows, Okta Inc. and Google Cloud announced a broadened set of integrations on June 21 2026. The move extends Okta’s identity‑governance tools to AI agents that run on Google’s Gemini Enterprise Agent Platform and to browser‑based work environments via Chrome Enterprise.
The expansion builds on Okta’s recent AI Agents at Work market report, which found that 92 % of executives report moderate or widespread use of AI agents in their organisations. The same report notes that only 34 % of companies apply the same security controls to digital workers as they do to human employees, creating a gap that could threaten business continuity and customer trust.
According to the study, 62 % of IT executives see vendor lock‑in as a strategic risk. By integrating Okta’s identity layer with Google Cloud’s services, the two companies aim to provide an open, interoperable security ecosystem that lets organisations adopt AI agents without becoming dependent on a single platform.
Key technical components of the new integration include:
Auth0 for AI Agents – connects directly to the Agent Runtime on the Gemini Enterprise Agent Platform, providing a secure identity layer that eliminates the need for custom coding when moving from pilot projects to production. User authentication – ensures that only authenticated users can invoke an agent. Token Vault – stores, manages and refreshes OAuth tokens, allowing agents to connect safely to downstream services. Human‑in‑the‑loop workflows – trigger human approval checkpoints for high‑risk actions while agents operate in the background. Fine‑grained authorisation – limits agents to the specific actions a user is permitted to perform. Auth for MCP – adds authentication and authorisation to any Model Context Protocol server, supporting governance as agent deployments scale.
Okta’s Chief Product Officer Ely Kahn said the collaboration “pairs Google’s leading product suite with an identity layer that can work across the entire modern, AI‑powered work stack.” The company also announced that Okta for AI Agents will soon integrate with the wider Gemini Enterprise Agent Platform, enabling automated tools to have a verified identity and to be imported into a centralised directory for human accountability.
On the browser side, the partnership leverages Chrome Enterprise Universal Enrollment, which allows IT teams to enforce enterprise‑grade policies through managed Chrome profiles on any device. The feature is available through the Okta Integration Network and does not require identity synchronisation to Google.
Device‑trust enhancements will combine Okta Device Assurance with the Chrome Device Trust Connector to evaluate browser and device posture in real time. New antivirus signals will allow Chrome to block logins at the browser level if a device has out‑of‑date protection. These controls address threats from credential theft and malicious extensions, which have become prominent as modern work increasingly takes place within web browsers.
Security analysts note that session hijacking has risen 127 % year‑over‑year, as threat actors target post‑authentication session tokens stored in browsers. Browser‑based credential theft is now the primary vector for unauthorised access, according to a 2026 DBIR report. By enforcing policies at the browser layer, Okta and Google aim to close the visibility gap that allows attackers to operate as trusted users.
The commercial implications of the partnership centre on operational resilience. Security incidents can disrupt revenue operations and damage client relationships, especially for organisations offering agent‑based services to external customers. Centralised governance could reduce compliance complexity, as visibility into agent activity supports audit requirements and risk‑management frameworks.
In summary, the Okta‑Google Cloud collaboration introduces a suite of identity‑security tools for AI agents and browser‑based work. The integration promises to lower barriers to AI deployment while maintaining governance standards, potentially accelerating the transition of agent‑based services from pilot to production.
The partnership is expected to roll out in phases, with the Auth0 for AI Agents integration already live and the Gemini Enterprise Agent Platform integration slated for the next quarter. Browser‑based controls through Chrome Enterprise are available immediately to organisations that have opted into the Universal Enrollment feature.
As enterprises continue to adopt AI agents at scale, the partnership underscores the growing need for robust identity governance that matches the pace of automation.
The expansion builds on Okta’s recent AI Agents at Work market report, which found that 92 % of executives report moderate or widespread use of AI agents in their organisations. The same report notes that only 34 % of companies apply the same security controls to digital workers as they do to human employees, creating a gap that could threaten business continuity and customer trust.
According to the study, 62 % of IT executives see vendor lock‑in as a strategic risk. By integrating Okta’s identity layer with Google Cloud’s services, the two companies aim to provide an open, interoperable security ecosystem that lets organisations adopt AI agents without becoming dependent on a single platform.
Key technical components of the new integration include:
Auth0 for AI Agents – connects directly to the Agent Runtime on the Gemini Enterprise Agent Platform, providing a secure identity layer that eliminates the need for custom coding when moving from pilot projects to production. User authentication – ensures that only authenticated users can invoke an agent. Token Vault – stores, manages and refreshes OAuth tokens, allowing agents to connect safely to downstream services. Human‑in‑the‑loop workflows – trigger human approval checkpoints for high‑risk actions while agents operate in the background. Fine‑grained authorisation – limits agents to the specific actions a user is permitted to perform. Auth for MCP – adds authentication and authorisation to any Model Context Protocol server, supporting governance as agent deployments scale.
Okta’s Chief Product Officer Ely Kahn said the collaboration “pairs Google’s leading product suite with an identity layer that can work across the entire modern, AI‑powered work stack.” The company also announced that Okta for AI Agents will soon integrate with the wider Gemini Enterprise Agent Platform, enabling automated tools to have a verified identity and to be imported into a centralised directory for human accountability.
On the browser side, the partnership leverages Chrome Enterprise Universal Enrollment, which allows IT teams to enforce enterprise‑grade policies through managed Chrome profiles on any device. The feature is available through the Okta Integration Network and does not require identity synchronisation to Google.
Device‑trust enhancements will combine Okta Device Assurance with the Chrome Device Trust Connector to evaluate browser and device posture in real time. New antivirus signals will allow Chrome to block logins at the browser level if a device has out‑of‑date protection. These controls address threats from credential theft and malicious extensions, which have become prominent as modern work increasingly takes place within web browsers.
Security analysts note that session hijacking has risen 127 % year‑over‑year, as threat actors target post‑authentication session tokens stored in browsers. Browser‑based credential theft is now the primary vector for unauthorised access, according to a 2026 DBIR report. By enforcing policies at the browser layer, Okta and Google aim to close the visibility gap that allows attackers to operate as trusted users.
The commercial implications of the partnership centre on operational resilience. Security incidents can disrupt revenue operations and damage client relationships, especially for organisations offering agent‑based services to external customers. Centralised governance could reduce compliance complexity, as visibility into agent activity supports audit requirements and risk‑management frameworks.
In summary, the Okta‑Google Cloud collaboration introduces a suite of identity‑security tools for AI agents and browser‑based work. The integration promises to lower barriers to AI deployment while maintaining governance standards, potentially accelerating the transition of agent‑based services from pilot to production.
The partnership is expected to roll out in phases, with the Auth0 for AI Agents integration already live and the Gemini Enterprise Agent Platform integration slated for the next quarter. Browser‑based controls through Chrome Enterprise are available immediately to organisations that have opted into the Universal Enrollment feature.
As enterprises continue to adopt AI agents at scale, the partnership underscores the growing need for robust identity governance that matches the pace of automation.
