Request access to AI agents

Early Access release

Use Access Requests to streamline the process of requesting access to apps linked with AI agents (linked apps). Access Requests conditions that you can define for each app deliver a simplified and frictionless approach that automatically routes user requests to one or more approvers for action.

Conditions are rules that define who can request access, the level of access that they can request, the duration of access, and the approval sequence for each app. You can configure conditions directly on the app's profile page in the Admin Console.

An approval sequence is a linear series of tasks like questions, approvals, Okta Workflows, and custom tasks. These tasks (also known as steps) govern the information that specific users must provide, the users responsible for approving or denying the request, and any actions that you need to complete.

When you use conditions to manage access to a linked app, requesters can directly go to the End-User Dashboard, select the app's tile, and then enter the required information to request access.

There are four primary personas (in addition to some others) involved in streamlining access requests:

  • Admin

    A super or access request admin, who is responsible for setting up and configuring the access request conditions for the linked app.

  • Task assignee

    Any user who is assigned to a task in the approval sequence and is responsible for completing it. Tasks include questions, approvals, actions, and custom tasks.

  • Requester

    Any user who requests access to a linked app and is assigned to it after the required steps are completed.

  • Request assignee

    A super or access requests admin who is assigned to manage a request's administrative aspects after it's submitted. They're responsible for managing things like unassigned steps or reassigning approvers to ensure that the request is quickly completed.

    For requests managed by conditions, Okta doesn't automatically assign request assignees. Super and access request admins can view or modify the request assignee in the Access Requests web app.

Get started

  • Read the Access requests overview. Also, learn about some other personas who help in managing access requests.

  • Use access request conditions to manage access requests for AI agent-linked apps.

  • Optional. Add an app description in the App notes for end users field on the app's profile page using the steps in Configure settings for app integrations. It's a good idea to mention if an app is linked to an AI agent. This description is visible to requesters on the End-User Dashboard when they request access and provides context and the purpose of the app.

    If you don't enter a description in the app notes for end users field and the app is linked to only one AI agent, Okta displays the AI agent's description on the app tile on the End-User Dashboard.

  • Familiarize yourself with the limits for orgs, conditions, and requests.

  • Complete the set of initial setup tasks listed in the conditions section of the Get started topic.

  • If the app owner for an AI-agent linked app isn't available, Okta assigns the steps to the AI agent owner. This is applicable for apps that have only one AI agent linked to it. If the AI agent owner is also unavailable, the step is unassigned.

  • Optional. You can perform the set of Maintenance tasks in the conditions section of the Get started topic.

  • Understand the end-user experience of requesting access (requester), managing tasks (task assignee), escalating tasks, and managing requests (request assignee) from an admin perspective.

Related topics

Certify AI agents