Okta Helps Builders Easily Implement Auth For GenAI Apps & Secure How Consumers Interact with GenAI Agents

LAS VEGAS - October 16, 2024- Okta today announced a new Customer Identity Cloudproduct to help developers and organizations secure identity in GenAI applications, through secure identity standards and a seamless developer experience. With these new features, Okta customers will be able to easily implement support for typical patterns in GenAI applications.

Why It Matters:

• Generative AI is being rapidly incorporated into applications and products with AI spending expected to increase from $20 billion in 2024 to over $200 billion by the end of 2028¹.
• Over the next decade, it's predicted that there will be the rise of a huge AI agent ecosystem-large networks of interconnected AI programs that integrate our different apps and act autonomously on our behalf.
• AI agents' use of Large Language Models (LLMs) to determine what they should do can potentially lead to "hallucinations" and security vulnerabilitiessuch as excessive agency².
• Auth for GenAI will enable app builders to protect against AI-specific security risks, integrate GenAI agents into their products faster, and deliver AI-powered experiences for their customers.

What's New - Auth for GenAI

The upcoming Auth for GenAIproduct empowers app builders to securely make use of GenAI in their apps. It is built upon decades of experience in identity and building for developers. Capabilities include:

• User Authentication:Okta is working to make Auth for GenAI available in popular GenAI frameworks and libraries, like Langchain and Vercel. This will allow developers to seamlessly authenticate users and leverage Auth for GenAI capabilities in their apps.
• Calling APIs on the user's behalf: The new third-party APIs feature will allow agents to call APIs of services like Google Calendar, Github, Box, and more on the user's behalf. It uses secure standard protocols to verify that the API credentials are specific to a single user's account and verify that the user consented to specific permissions granted to the GenAI app.
• Async Authentication:AI agents may take hours or days to complete their work, but users won't wait for that to happen in front of a screen. For these cases, with agents running in the background, humans will act as supervisors, approving or rejecting actions when away from a chatbot. Based on secure identity standards, Async Authentication allows builders to implement on-demand authentication in their apps, with users getting a push notification in their mobile app to authenticate or not with one tap. For instance, if someone directs an AI agent to book flights to one of many destinations when the price goes below $200, Async Authentication can send a push notification to the user on the travel app to authenticate on demand and approve the transaction.
• Fine Grained Authorization for Retrieval Augmented Generation (RAG): As RAG becomes prevalent in GenAI apps, it is paramount to ensure that the content used to generate answers is content each user can access. Otherwise, sensitive information might be disclosed. Okta Fine Grained Authorization enables retrieved content to be filtered at very granular levels (e.g. documents, studies, pages, etc.) so LLMs are fed with only content each user has permissions to. For instance, some users in a financial trading app might have access to proprietary and confidential research documents, while others might not. Fine grained authorization helps ensure that only users with access to that research will see it considered as part of LLM responses.

"With the limitless possibilities of GenAI, it's critical to instill trust among consumers and businesses by protecting sensitive data, user credentials and securing integrations across user applications," said Shiven Ramji, President, Customer Identity Cloud at Okta. "Our new product, Auth for GenAI, enables application builders to enjoy securing their GenAI apps, with the developer and user experience Auth0 is known for."

_{Auth for GenAI}

What's New - Developer Portal
AI agents don't need user interfaces; they are better off talking to an API. To become "AI ready," products that don't have an API will look to build one, and all new products will launch with one. Agent identity and securing how developers and their partners access APIs will become more critical than ever.

The Developer Portalwill help make APIs AI-ready. The Developer Portal is an upcoming product that makes it easy for companies to securely expose APIs, with their brand, to developers and partners.

_{Developer Portal}

Other New Innovations:

• Universal Logoutallows security teams to detect risk changes and automatically terminate all user sessions across applications and devices. When a logout or de-provisioning event occurs in Okta Workforce Identity Cloud, employee identities are automatically signed out of apps managed by Okta Customer Identity Cloud.
• Self-service SSOand SCIMwill allow teams to programmatically send their customers' IT administrators a link to a setup wizard, enabling them to configure SSO and SCIM themselves.
• Advanced Customization for Universal Login willgive organizations more power to customize the sign-up and sign-in experience across every app, device, and digital journey.
• Auth0 Free and Paid Self-Service Plan Expansions(announced September 2024)
• Forms(announced July 2024)

¹ 2023 Worldwide AI and Generative AI Spending Guide, IDC, 2023

² Top 10 for LLMs and Generative AI Apps, OWASP, 2024

Disclaimer: Any products, features, functionalities, certifications, authorizations, or attestations referenced in this material that are not currently generally available or have not yet been obtained or are not currently maintained may not be delivered or obtained on time or at all. Product roadmaps do not represent a commitment, obligation or promise to deliver any product, feature, functionality, certification or attestation and you should not rely on them to make your purchase decisions.

Public link

Please use the above public link if you want to share this noodl on another website.