Okta has introduced a new Customer Identity Cloud product designed to help developers and organisations secure identity in Generative AI (GenAI) applications through identity standards and a developer-friendly experience.
The introduction of Generative AI into applications is accelerating, with AI-related spending forecasted to rise from USD $20 billion in 2024 to more than USD $200 billion by the end of 2028. The anticipated growth of AI agents—large networks of interconnected AI programs that can autonomously integrate with various apps—underscores the importance of addressing security vulnerabilities like excessive agency and potential "hallucinations" that may arise from the use of Large Language Models (LLMs).
Okta's new product, Auth for GenAI, aims to enable app builders to mitigate specific security risks associated with AI, integrate GenAI agents more swiftly into products, and provide consumers with seamless AI-powered experiences.
Auth for GenAI is engineered to allow developers to incorporate GenAI into their applications securely. It includes user authentication capabilities, supporting GenAI frameworks and libraries such as Langchain and Vercel. This functionality allows developers to authenticate users seamlessly while utilising Auth for GenAI features within their apps.
Additionally, the product supports third-party API calls on users' behalf. This feature utilises secure standard protocols to authenticate that API credentials are associated with a specific user's account and ensures user-consented permissions are granted to the GenAI app, with services such as Google Calendar, Github, and Box being accessible.
Async Authentication is another key feature, accommodating long-duration tasks performed by AI agents. It enables background operation of AI agents with human oversight through mobile notifications, allowing users to approve or reject actions remotely. An example scenario includes triggering a push notification when an AI agent identifies a flight price drop, allowing the user to approve a transaction immediately via a travel app.
Further, Fine Grained Authorization for Retrieval Augmented Generation (RAG) is incorporated to ensure compliance with data access permissions. This feature filters retrieved content at a granular level to ensure that LLMs use only accessible data, thus protecting sensitive information.
Shiven Ramji, President of Customer Identity Cloud at Okta, remarked, "With the limitless possibilities of GenAI, it's critical to instill trust among consumers and businesses by protecting sensitive data, user credentials and securing integrations across user applications. Our new product, Auth for GenAI, enables application builders to enjoy securing their GenAI apps, with the developer and user experience Auth0 is known for."
Okta is also launching a Developer Portal to facilitate secure API exposure to developers and partners, enhancing AI-readiness for products lacking pre-existing APIs.
Complementary innovations include Universal Logout to automatically terminate user sessions during risk changes, self-service single sign-on (SSO) and System for Cross-domain Identity Management (SCIM) setups, and advanced customisation for universal login experiences.