Okta joins Google Cloud and industry leaders to build an open, secure AI ecosystem with MCP

The era of AI-driven security operations is upon us, promising to augment human expertise and automate complex tasks. However, realizing this potential is often hard because of critical integration gaps between the diverse tools security teams rely on daily. Connecting these tools frequently requires bespoke, resource-intensive efforts, leading to fragmented workflows and missed opportunities.

Today marks a significant step forward. We're excited to support Google Cloud's announcement that it will foster an open ecosystem for AI-driven security, centered around the Model Context Protocol (MCP). MCP is an open standard poised to simplify how AI models and agents connect to external tools and data sources. By standardizing these interactions, MCP democratizes the creation of robust, cross-tool AI workflows, making advanced capabilities accessible beyond specialized developers.

Okta is proud to join Google Cloud, Cloudflare, CrowdStrike, and Wiz in a shared commitment to this vision. This collaboration is vital for building a future where security teams can harness AI's power without getting bogged down in integration complexities.

“As an industry, it's critical that we prioritize interoperability and enable our mutual customers to seamlessly integrate best-of-breed solutions and effectively leverage AI across diverse security tools.”
—Stephen Lee, Vice President of Technical Strategy & Partnerships, Okta

Identity security: The cornerstone of secure AI agents

At Okta, we see identity security as the non-negotiable foundation for this AI-powered future. As AI agents increasingly act on behalf of users — querying data, analyzing threats, and initiating responses across different security tools via MCP — robustly securing who or what is acting and what they are permitted to do becomes paramount. Okta is committed to ensuring strong, standards-based identity security principles are embedded within the MCP ecosystem from the outset, applying the same security rigor to AI agents as human users.

Getting authorization right for MCP

Securing agent interactions necessitates rigorous adherence to authorization standards. Early MCP designs prioritized protocol implementation, initially deferring comprehensive authentication and authorization. Authorization was integrated in later stages, with the initial spec consolidating the MCP server and Authorization Server roles. While functional, this tightly coupled architecture introduced complexity for developers and deviated from established OAuth best practices. In other words, there was ample room for improvement.

Adopting standard OAuth 2.0 patterns — specifically the separation of the MCP Resource Server (the API endpoint) from the Authorization Server (the "token factory") — offers a more modular, scalable, and interoperable solution. This decoupling simplifies MCP API development, facilitates seamless integration with enterprise identity providers like Okta, and enables cleaner discovery mechanisms leveraging standards such as OAuth Protected Resource Metadata (RFC 9728).

This architecture also provides a stronger foundation for integrating with enterprise SSO systems and managing client registration and user consent at scale. Critically, all access tokens issued for MCP interactions must be strictly scoped and audience-restricted, aligning with fundamental security principles.

(For a deeper technical discussion on applying OAuth correctly to MCP, please see Aaron Parecki's blog post.)

The road ahead

Today's announcements represent a foundational step. Okta is excited to collaborate with Google Cloud, our partners, and the community to build a truly open, interoperable, and secure AI ecosystem powered by MCP.

This is just the beginning. Stay tuned for future posts, in which we'll dive deeper into how Okta's platform capabilities facilitate these integrations and explore further innovations in authorization for AI agents, building on collaborations such as our previous work with Cloudflare on MCP.

We encourage you to explore the new google/mcp-security repository on GitHub and join us in shaping the future of secure, AI-driven operations.