Govern access to AI agents
Use Okta Identity Governance to expand governance capabilities to AI agents and the user sign-on apps that it's linked to. This helps ensure that your users have the appropriate access.
When an AI agent is linked to an app, it can only access resources or perform actions on behalf of a user who is currently signed in to that app. Streamline requesting access to these apps using Access Requests and certify and remediate existing access to these apps with Access Certifications.
Access Requests
Access Requests streamlines the process of requesting and approving access to apps. You can create conditions for apps so that only the users who need access can request access.
Users can request access to apps directly from their End-User Dashboard. You can define how the request is routed for approval and any actions, including custom actions through delegated flows, to automatically take as a result of approval or denial. You can also specify the duration of access after which the access is automatically revoked.
Access Certifications
Use resource or user campaigns to review and automatically remediate your users' access to apps based on the reviewer's decision. Campaigns are user access reviews from a certification and compliance perspective. Running campaigns helps you adopt the least privileged access model and ensure that your users have the right level of access to apps.
Use resource campaigns if you need clear visibility on who has access to user sign-on apps that are linked to AI agents.
Access certification is extensible through Okta Workflows.