en.Wedoany.com Reported - Okta (Okta Inc.) has expanded its Cross App Access ecosystem, adding over 25 integrations to extend identity governance for AI agents across a broader range of workplace software.

The new connections cover productivity, design, development, and collaboration tools, including Asana, Atlassian, Canva, Cursor, Figma, Glean, Linear, Slack, and Zoom. As enterprises increasingly use autonomous AI agents in daily operations, these integrations aim to bring agent-to-app and app-to-app connections under Okta's identity control.

Okta positions Cross App Access as a solution to the challenges IT teams face when employees connect AI assistants to company systems. These connections often rely on static API keys or user consent flows, lacking central oversight, leaving administrators with limited visibility into agents' access scope and operational behavior.

Cross App Access provides a standardized way to route access requests through identity policies, log actions, and restrict permissions to the scope required for each task. The protocol is built as an extension of OAuth (Open Authorization) and has been incorporated as an authorization extension for MCP (Model Context Protocol).

Over 25 early adopters participated in this expansion, spanning software vendors, developer platforms, and infrastructure providers. The list includes Anthropic, Aquera, Archestra.AI, Asana, Atlassian, Canva, Cloudflare, Cursor, Datadog, Docker, Figma, Glean, Granola, Keycard, Keycloak, Linear, MintMCP, Scalekit, Serval, Slack, Stytch by Twilio, Supabase, VS Code, WorkOS, Zoom, and Zuplo.

Okta divides the integrations into three major categories: requesting apps, resource apps, and identity infrastructure and gateway providers. The first category includes apps like Claude, Cursor, Docker, VS Code, and Zoom, through which users may request information or complete tasks via AI assistants. The second category includes systems like Asana, Atlassian, Canva, Datadog, Figma, Glean, Granola, Linear, Serval, Slack, Supabase, and Zoom, which hold data that agents may need to access.

The third category covers the backend layer that routes and manages traffic between agents and apps, with participants including Aquera, Archestra.AI, Cloudflare, Keycard, Keycloak, MintMCP, Scalekit, Stytch by Twilio, WorkOS, and Zuplo.

According to Okta, the model is designed to provide IT teams with a central audit trail of AI agents or integrated apps operating across the organization, while reducing standing permissions and limiting repetitive consent prompts for end users. Okta believes this should shorten the time required for security reviews when organizations want to deploy agents more broadly.

Stephanie Barnett, Vice President of Solutions Engineering for Okta APJ (Asia Pacific and Japan), addressed the governance pressures facing companies in the region. Barnett stated that organizations in Asia Pacific are currently racing to deploy autonomous AI agents but lack the same visibility and control as with other technology stacks, relying on fragmented AI security models—which is not just a management challenge but a significant governance risk. Cross App Access provides security teams with a unified way to manage identity and access policies, offering an overview of agent behavior, enabling organizations to scale AI securely.

Partners involved in the ecosystem expansion also elaborated on the role of identity control. Mayank Malhotra, Product Manager at Anthropic, said that as AI workflows become more integrated, interoperability and enterprise security need to advance together. Anthropic worked with Okta to build Enterprise Managed Auth, replacing fragmented per-connector authorization with a single, centrally managed model, allowing administrators to extend existing identity investments. Anwar Haneef, General Manager and Ecosystem Lead at Canva, noted that Canva's MCP server allows teams to create, edit, and publish brand designs in unified workflows, and Enterprise Managed Auth lets enterprises manage AI access through systems they already trust. Jamil Valliani, Head of AI Product at Atlassian, emphasized that enterprises need context and governance to trust AI agents at scale. Atlassian's Teamwork Graph provides agents with access to organizational knowledge nodes, and the XAA protocol ensures connections are secure and centrally managed. Rod García, Vice President of Engineering at Slack, stated that Slack's MCP server provides AI agents with access to conversational context, and Cross App Access built into MCP eliminates authorization prompts and per-server logins, allowing organizations to manage agent access to Slack at once through existing identity policies.

Okta has also gained customer validation through Anthropic's beta program, where Okta serves as the primary identity provider for joint customers including HubSpot, Ramp, and Webflow. The program has been used to test XAA-enabled workflows, centralized authorization, and automatic de-provisioning of agent permissions. Support has also been added at the software development kit (SDK) level, with the official MCP SDK adopting XAA as an enterprise managed authorization extension in TypeScript and Java, with Python support under development.

This article is compiled by Wedoany. All AI citations must indicate the source as "Wedoany". If there is any infringement or other issues, please notify us promptly, and we will modify or delete it accordingly. Email: news@wedoany.com