New Auth0 Platform Innovations Help Developers Secure GenAI Applications with Identity for AI Agents
Okta (NASDAQ: OKTA) has announced the Developer Preview release of Auth for GenAI, a new suite of features within the Auth0 Platform designed to secure AI applications. The solution enables developers to implement secure identity controls for AI agents, including authentication, fine-grained authorization, and secure API access.
The platform introduces key features including User Authentication, Token Vault for secure API connections, Asynchronous Authorization for human-in-the-loop approval, and Fine Grained Authorization for retrieval augmented generation (RAG). The solution integrates with popular AI frameworks like Langchain, Llamaindex, Google GenKit, and Vercel.ai.
Additionally, Okta unveiled Enterprise-Ready Customer Identity capabilities and improvements to the Auth0 platform, including Tenant Access Control, Advanced Customization for Universal Login, and Native to Web SSO, with FAPI 2 Certification expected in Q2 2025.
Okta (NASDAQ: OKTA) ha annunciato il rilascio della Developer Preview di Auth for GenAI, una nuova suite di funzionalità all'interno della piattaforma Auth0 progettata per garantire la sicurezza delle applicazioni AI. La soluzione consente agli sviluppatori di implementare controlli di identità sicuri per gli agenti AI, inclusi autenticazione, autorizzazione dettagliata e accesso sicuro alle API.
La piattaforma introduce funzionalità chiave tra cui Autenticazione Utente, Token Vault per connessioni API sicure, Autorizzazione Asincrona per l'approvazione da parte di un umano, e Autorizzazione Dettagliata per la generazione aumentata da recupero (RAG). La soluzione si integra con framework AI popolari come Langchain, Llamaindex, Google GenKit e Vercel.ai.
Inoltre, Okta ha svelato le capacità di Identità Cliente Pronta per le Imprese e miglioramenti alla piattaforma Auth0, inclusi Controllo Accesso per Tenant, Personalizzazione Avanzata per il Login Universale e SSO Nativo per il Web, con la certificazione FAPI 2 prevista nel secondo trimestre del 2025.
Okta (NASDAQ: OKTA) ha anunciado el lanzamiento de la Developer Preview de Auth for GenAI, un nuevo conjunto de funciones dentro de la plataforma Auth0 diseñado para asegurar aplicaciones de IA. La solución permite a los desarrolladores implementar controles de identidad seguros para agentes de IA, incluyendo autenticación, autorización detallada y acceso seguro a API.
La plataforma presenta características clave como Autenticación de Usuario, Token Vault para conexiones API seguras, Autorización Asincrónica para la aprobación de humanos, y Autorización Detallada para la generación aumentada de recuperación (RAG). La solución se integra con marcos de IA populares como Langchain, Llamaindex, Google GenKit y Vercel.ai.
Además, Okta reveló capacidades de Identidad de Cliente Listo para Empresas y mejoras en la plataforma Auth0, incluyendo Control de Acceso de Inquilinos, Personalización Avanzada para Inicio de Sesión Universal y SSO Nativo para la Web, con la certificación FAPI 2 esperada para el segundo trimestre de 2025.
Okta (NASDAQ: OKTA)는 AI 애플리케이션의 보안을 위해 설계된 Auth0 플랫폼 내의 새로운 기능 모음인 Auth for GenAI의 개발자 미리보기 출시를 발표했습니다. 이 솔루션은 개발자들이 AI 에이전트를 위한 안전한 신원 관리를 구현할 수 있도록 하며, 여기에는 인증, 세분화된 권한 부여 및 안전한 API 접근이 포함됩니다.
이 플랫폼은 사용자 인증, 안전한 API 연결을 위한 토큰 금고, 인간 승인 절차를 위한 비동기 권한 부여, 그리고 검색 증강 생성(RAG)을 위한 세분화된 권한 부여와 같은 주요 기능을 소개합니다. 이 솔루션은 Langchain, Llamaindex, Google GenKit 및 Vercel.ai와 같은 인기 AI 프레임워크와 통합됩니다.
또한 Okta는 기업 준비 완료 고객 신원 기능과 Auth0 플랫폼에 대한 개선 사항, 즉 테넌트 접근 제어, 범용 로그인에 대한 고급 사용자화 및 웹에 대한 네이티브 SSO를 공개했으며, FAPI 2 인증은 2025년 2분기에 예상됩니다.
Okta (NASDAQ: OKTA) a annoncé la sortie de la Developer Preview de Auth for GenAI, une nouvelle suite de fonctionnalités au sein de la plateforme Auth0 conçue pour sécuriser les applications d'IA. La solution permet aux développeurs de mettre en œuvre des contrôles d'identité sécurisés pour les agents d'IA, y compris l'authentification, l'autorisation fine et l'accès sécurisé aux API.
La plateforme introduit des fonctionnalités clés telles que Authentification Utilisateur, Token Vault pour des connexions API sécurisées, Autorisation Asynchrone pour l'approbation humaine et Autorisation Fine pour la génération augmentée par récupération (RAG). La solution s'intègre avec des frameworks d'IA populaires tels que Langchain, Llamaindex, Google GenKit et Vercel.ai.
De plus, Okta a dévoilé des capacités d'Identité Client Prête pour les Entreprises et des améliorations de la plateforme Auth0, y compris le Contrôle d'Accès aux Locataires, la Personnalisation Avancée pour la Connexion Universelle et le SSO Natif pour le Web, avec une certification FAPI 2 attendue au deuxième trimestre 2025.
Okta (NASDAQ: OKTA) hat die Developer Preview von Auth for GenAI angekündigt, einer neuen Funktionalitätssuite innerhalb der Auth0-Plattform, die zur Sicherung von KI-Anwendungen entwickelt wurde. Die Lösung ermöglicht es Entwicklern, sichere Identitätskontrollen für KI-Agenten zu implementieren, einschließlich Authentifizierung, feingranularer Autorisierung und sicherem API-Zugriff.
Die Plattform führt wichtige Funktionen ein, darunter Benutzerauthentifizierung, Token Vault für sichere API-Verbindungen, Asynchrone Autorisierung für menschliche Genehmigungen und Feingranulare Autorisierung für Retrieval-augmented Generation (RAG). Die Lösung integriert sich mit beliebten KI-Frameworks wie Langchain, Llamaindex, Google GenKit und Vercel.ai.
Darüber hinaus hat Okta die Funktionen für Unternehmensbereite Kundenidentität und Verbesserungen der Auth0-Plattform vorgestellt, darunter Tenant Access Control, erweiterte Anpassung für Universal Login und Native Web SSO, wobei die FAPI 2-Zertifizierung im zweiten Quartal 2025 erwartet wird.
- Launch of Auth for GenAI platform addresses growing market need for AI application security
- Integration with major AI frameworks expands market reach
- Enhanced enterprise features support up to 2 million business customers
- New security features strengthen product offering for enterprise clients
- FAPI 2 Certification delayed until Q2 2025
- Some features still in Developer Preview phase, not yet generally available
Insights
Okta's introduction of Auth for GenAI represents a significant strategic move that addresses a critical security gap in the rapidly evolving generative AI landscape. As LLMs become commoditized and AI agents proliferate, the security infrastructure hasn't kept pace with functionality. This announcement is particularly well-timed as organizations are increasingly deploying AI agents with insufficient identity controls.
The four core components of this solution—User Authentication, Token Vault, Asynchronous Authorization, and Fine-Grained Authorization for RAG—directly address the most pressing security concerns with AI agents. The Token Vault functionality is especially notable as it solves the complex challenge of securely connecting AI agents to various systems like Gmail and Slack through proper OAuth 2.0 implementation, preventing excessive permissions that could lead to data leakage.
What makes this development particularly valuable is the integration with popular AI frameworks including Langchain, Llamaindex, Google GenKit, and Vercel.ai. This demonstrates Okta's understanding that security adoption requires friction-free implementation within developers' existing workflows. The asynchronous authorization capability also recognizes the unique operational patterns of AI agents, which often perform tasks over extended timeframes.
By building security directly into the development tools, Okta is positioning itself at the intersection of two major enterprise priorities: accelerating AI adoption and maintaining robust security postures—a valuable market position as organizations seek to implement GenAI while managing the associated risks.
This announcement positions Okta strategically within the rapidly emerging AI security ecosystem, expanding their addressable market beyond traditional identity management. By moving early to address AI agent authentication and authorization, Okta is creating potential competitive differentiation in a high-growth segment where security concerns often delay enterprise adoption.
The enhancement of Enterprise-Ready Customer Identity features demonstrates Okta's dual focus on both emerging technologies and core enterprise requirements. Capabilities like Auth0 Organizations that support up to
From a competitive standpoint, Okta is effectively leveraging its 2021 Auth0 acquisition to advance its developer-focused strategy. By prioritizing seamless integration with popular AI frameworks, they're reducing barriers to adoption while creating potential lock-in effects as these GenAI applications scale.
The broader user experience enhancements—including advanced customization for Universal Login, Native to Web SSO, and CIBA—show Okta isn't solely focused on capturing new markets but also strengthening its core identity platform. This balanced approach to product development reduces execution risk while potentially increasing wallet share among existing customers deploying AI initiatives.
While revenue impact will likely be gradual as these features move from Developer Preview to general availability, this announcement strengthens Okta's narrative as an identity innovator capable of securing emerging technologies.
Why it Matters:
- As LLMs become increasingly commoditized, with more widely available, cost-effective models and open-source AI frameworks emerge to rival proprietary systems, AI agents will become commonplace quicker than expected. This is in addition to LLMs making it possible for anyone to program in natural language.
- Despite AI agents' ability to connect with more layers of data than LLMs alone, security remains an afterthought. To keep up with the pace of innovation, developers are wholly focused on functionality, often moving forward with insecure implementations or defaulting to postponing or canceling their AI agent projects altogether.
- Authorization is being frequently overlooked. Agents are connecting to APIs with integrations that aren’t optimized for AI-driven access, and email or push notifications triggered to approve sensitive actions are being implemented with minimal security controls.
- Regardless of what frameworks developers choose to build on top of, without a purpose-built security approach, these gaps leave AI agents vulnerable to unauthorized access, data exposure, and other prevalent LLM risks1.
- Outside of securely building GenAI applications, developers are also being tasked with ensuring their B2B SaaS applications meet the more stringent requirements of enterprise buyers, while also delivering seamless and contextualized experiences for end users.
“This explosion of AI-powered assistants that can answer complex questions, automate workflows, and take actions on behalf of users is undoubtedly exciting. However, it can be challenging to add security effectively once deployed,” said Shiven Ramji, President of Auth0, at Okta. “With Auth for GenAI, developers can help ensure that AI agents are built with secure authentication and authorization from their inception, granting access only to what’s necessary and preventing misuse.”
Secure Identity in GenAI Applications with a Seamless Developer Experience
AI agents are being granted access to systems without the right identity controls, creating security blind spots and risk. Traditional authentication methods weren’t built for AI-driven applications, leaving gaps in control and accountability. Developers need to ensure AI agents authenticate users, interact with other apps on the user’s behalf, use asynchronous interactions, and consider user permissions when accessing data.
What’s the Latest – Auth for GenAI
Now available in Developer Preview, Auth for GenAI enables developers to meet the identity requirements to build secure agentic apps and seamlessly integrate with the broader GenAI ecosystem. Auth for GenAI also integrates with popular AI frameworks like Langchain, Llamaindex, Google GenKit, and Vercel.ai, giving developers greater flexibility and efficiency in building and deploying AI-powered applications. Features include:
- User Authentication: To operate securely, AI agents must authenticate users, just like any other application, ensuring they confirm the user's identity before granting access or taking specific actions. With Auth for GenAI, developers can build a secure and seamless experience for AI agents to authenticate users.
- Token Vault: AI Agents interact with applications on behalf of users through APIs, not user interfaces. Without strong identity controls, AI agents could access APIs they shouldn’t, leak sensitive data to unauthorized sources, or be unable to perform tasks. With the Token Vault, AI agents can securely connect to tools like Gmail and Slack using OAuth 2.0 for token management while also automatically handling token refreshes and exchanges.
- Asynchronous Authorization: AI agents don’t always complete tasks instantly, with some actions—like data processing, transaction approvals, or decision-making—taking minutes, hours, or even days. Async authorization triggers human-in-the-loop approval, allowing humans to supervise and approve or reject sensitive actions when away from the chatbot.
- Fine Grained Authorization for RAG: Not every AI agent should have the same permissions. Some should only retrieve data, others should execute commands, and some should make high-risk decisions—like approving a loan or processing a refund. With Auth0 Fine Grained Authorization for retrieval augmented generation (RAG), agents will only retrieve documents that users have access to, dynamically updating to reflect changing business rules, compliance requirements, and risk levels.
Build Enterprise-Ready Apps that Meet Critical Identity Requirements
To move upmarket, B2B SaaS developers need to ensure the core app features meet the needs of enterprise buyers. This includes satisfying a long list of critical identity requirements, such as supporting the latest security protocols and identity standards, automating user provisioning and deprovisioning, and enabling delegated administration.
What’s New – Enterprise-Ready Customer Identity
Enterprise-Ready Customer Identity is a suite of new and existing enterprise-differentiating identity and access management capabilities. It provides a faster, more efficient, and cost-effective way to meet key enterprise requirements. Features include:
- Auth0’s comprehensive self-service capabilities to help reduce developer burden by streamlining identity management and delegating core admin tasks to their business customers.
- Auth0 Universal Logout provides out-of-the-box user session and token revocation for enterprise-grade security, mitigating risks across the app ecosystem without building and maintaining custom global token revocation endpoints.
- Auth0 Organizations helps manage business customers at scale with branded, federated login flows tailored to each business's unique needs, supporting up to 2 million business customers within a single Auth0 tenant.
- Auth0 Fine Grained Authorization enables user collaboration and access control with granularity, all with easy-to-use APIs.
Improve User Experiences While Strengthening Security
Modern digital experiences are raising customer expectations and redefining what businesses must deliver to remain competitive. Businesses need to show that they understand their customers’ unique needs by personalizing their offers, providing ease of use across all channels, and proving they can protect their data.
What’s New – Auth0 Platform: Innovations for Secure Experiences
Through new enhancements to the Auth0 platform, organizations can deliver seamless, trusted customer experiences before, at, and after login. Innovations include:
- Before login: Tenant Access Control – Control who can access an app — and how. Organizations can set rules that determine whether users can access the app, get blocked, or get redirected, and they can do this all before the user ever reaches the login screen.
- At login: Advanced Customization for Universal Login – The next evolution of Universal Login customization lets organizations tailor every detail — down to the last pixel — to match their brand and user experience goals.
-
After login:
- FAPI 2 Certification expected Q2 2025 – Advanced API Security to help protect customer privacy and secure transactions.
- CIBA now in GA – Client systems like call centers, kiosks, or AI agents can start the login process for customers — securely and seamlessly.
- Native to Web SSO – Create a smoother customer journey by enabling users to move from mobile apps to web apps without logging in again.
1 2025 Top 10 Risks & Mitigations for LLMs and GenAI Apps, OWASP, 2025.
Disclaimer: Any products, features, functionalities, certifications, authorizations, or attestations referenced in this material that are not currently generally available or have not yet been obtained or are not currently maintained may not be delivered or obtained on time or at all. Product roadmaps do not represent a commitment, obligation or promise to deliver any product, feature, functionality, certification or attestation and you should not rely on them to make your purchase decisions.
About Okta
Okta, Inc. is The World’s Identity Company™. We secure Identity, so everyone is free to safely use any technology. Our customer and workforce solutions empower businesses and developers to use the power of Identity to drive security, efficiencies, and success — all while protecting their users, employees, and partners. Learn why the world’s leading brands trust Okta for authentication, authorization, and more at okta.com.
View source version on businesswire.com: https://www.businesswire.com/news/home/20250409108419/en/
Media Contact:
Kyrk Storer
press@okta.com
Source: Okta, Inc.
FAQ
What are the main features of Okta's new Auth for GenAI platform?
How does Okta's Token Vault feature enhance AI agent security?
What enterprise features are included in OKTA's new Auth0 platform release?
When will OKTA's FAPI 2 Certification be available?
