Taken from https://www.okta.com/newsroom/articles/showcase-announcements/

Identity is security

Non-human identities (NHIs), including service accounts, API keys, and machine credentials, have existed for decades. With SaaS and cloud adoption, their numbers have surged, making detection, management, and governance increasingly difficult. In some enterprises, NHIs can outnumber human identities by as much as 50 to one (Source). 

Now, AI agents and automation tools are accelerating this growth further, expanding the attack surface with each new deployment.

Traditional Identity Security models weren’t built for this scale or level of autonomy. We need a new approach.

Our vision for the future of non-human Identity Security

Today, we help thousands of customers manage NHIs, like service accounts, at scale. 

But the future demands more, and as the leading Identity vendor, we’re defining a bold vision for how NHIs should be deployed and controlled in the enterprise, built on three key principles:

• Unified management for all identities : A centralized platform is essential to effectively manage all types of users, including NHIs, with the same rigor as human identities 

• Comprehensive security and governance for NHIs: Solutions to help organizations gain visibility, enforce least privilege access, remediate security risks, and govern how applications share and exchange sensitive data

• Securely build and deploy AI agents: Developer-friendly solutions that make it easy to deploy GenAI apps faster with security already built-in 

How we’re delivering on this vision 

Auth0 Platform: Securely build and deploy AI agents with Auth for GenAI

Auth for GenAI makes it easy for developers to roll out GenAI apps with Identity Security built with AI agents in mind. Auth for GenAI helps secure AI agents at each of the four Identity controls without slowing productivity. Using Auth for GenAI, enterprises can build their apps with four key requirements: 

• Easily implement secure login experiences for AI agents

• Enable AI Agents to securely call APIs on behalf of a user 

• Enable autonomous agents to work independently while maintaining user control by getting explicit user approval for critical actions

• Enforce granular permissions for RAG document retrieval and help ensure AI agents only access authorized content

Building AI agents? Get started with Auth for GenAI here. 

Okta Platform: Unified management and end-to-end security for NHIs

Okta provides a unified approach to securing service accounts and other NHIs, ensuring they receive the same level of governance, security, and control as human identities. 

While many organizations are only beginning to think about how or when to implement AI agents, every company today uses service accounts. Service accounts are often non-federated, lack multi-factor authentication (MFA), and have static credentials that aren’t regularly rotated. These factors, combined with excessive privileges and a high blast radius, create an attractive attack vector for adversaries. 

The Okta Platform empowers you to:

• Integrate NHIs within a single Identity Security framework

• Automatically detect, classify, and remediate overprivileged NHIs without manual intervention

• Securely manage service account passwords, and enforces policies for who can access the secret, and for how long

• Connect seamlessly to CI/CD pipelines, cloud services, and SaaS apps

• Ensure NHIs never have persistent access

Are you building AI agents? Sign up for our waitlist here. 

The future of Identity Security

The future of Identity Security must evolve alongside NHIs, AI, and whatever new Identity challenges might come next. 

There’s so much more to Identity Security. Learn more about our most recent announcements that help you build secure customer experiences, protect employees across every device, and respond to threats faster here. 

Okta’s forward-looking statement applies to this article.

Learn More

Protect non-human identities

Gain visibility and take control of privileged non-human accounts with Identity Security Posture Management and Okta Privileged Access.