Back to Blog

Sign in with Okta, and let your agents sign in too

ChangelogEnterprise

Your team's identity already lives in your IdP, so your security tooling should meet them there instead of handing everyone one more password to babysit. Enterprise customers can now put Zenable behind Okta SSO, and behind any OIDC-compliant provider you like (Keycloak, PingFederate, ForgeRock, WorkOS, and friends), joining the Google logins we've had since 2024 and the Microsoft Entra ID support we added last fall.

With this change, we've also unlocked fully agentic use cases. Now that we support RFC 8693 token exchange, any enterprise customer can exchange an IdP-issued machine token for a Zenable token, giving your agents just-in-time, least-privilege access to Zenable. Each AI agent, CI pipeline, or service account becomes a real, individually attributed user that runs under the same guardrails, scoping, and audit trail as any developer, while rotation and revocation stay in your IdP where they belong.

If you'd like to give it a shot, send us an email at hello@zenable.io and we'll get your connection live. The step-by-step lives in the management console docs.