Okta, Inc. (OKTA) Earnings Call Transcript & Summary

Hey everyone. Thank you for joining, and welcome to Okta's identity Summit on securing Agentic AI. AI is the biggest platform shift since the Internet, bigger than cloud, bigger than mobile, bigger than social. And with the rise of AI agents, we are moving toward a world where software isn't just a tool. It's a collaborator that can initiate access, interact with data and carry out complex tasks with minimal human input. As builders, you play a crucial role in making this vision real for your customers. But as agents move from prototype to production, they're hitting walls. To unlock their full potential, agents need deep, broad access to data, applications, service accounts and other agents. That kind of access demands robust identity security. But security reviews can stifle adoption and consent prompts can ruin the user experience. The result, stall deployments and frustrated champions inside the enterprise. It's more friction, harder to show value and ultimately less revenue for you. To meet this moment, the industry needs a new way to fully manage the AI agent life cycle, an identity security standard that gives enterprises confidence in what agents can access and gives developers freedom to build experiences that are secure and seamless by default. Just as we can't imagine the Internet without HTTP or TCP/IP, the Agentic future won't be possible without a new generation of protocols that are designed from the ground up to secure how agents connect, collaborate and act on our behalf. It will take all of us, builders, platform providers and identity leaders to bring that future to life. And that's what we're excited to talk about today. And with that, I'll hand off to Arnab to share more about Cross App Access, a new open protocol for securing AI agents.

Thanks, Todd, and thank you, everyone, for joining us. as builders of Agentic AI, you're defining the future of work. And if you can deliver secure, seamless agent interactions, you'll unlock better user experiences, fewer security blocks and quicker deployments. Today, we'll explore how Cross App Access makes that possible. The era of Agentic AI is already here. According to a recent Okta Commission survey, 9 out of 10 businesses now use AI agents. Okta secures over 10 billion human logins a month. And as AI adoption grows, we will see agent-driven access climb just as rapidly. These agents may not be human, but their identity needs to be secured like humans. AI agents need to connect to other applications to both read information and take action. For example, a customer may want the Zoom AI companion to monitor project discussions and meetings and automatically update the status of related JIRA issues even before the human assigns the task. Until now, setting up back in a connection usually meant giving agents broad over permission access through a service account or relying on user-created app-to-app worth grads that security teams can't easily track. The result each connection becomes a potential security risk. And for app builders, every customer request means reinventing the wheel, custom building security controls and monitoring features. On top of that, as Asian usage grows, so does the user burden, more consents, more prompts and more friction that all leads to slow onboarding, compliance pushback and low adoption of your AI features, making it harder for enterprise buyers to CES. This is where Cross App Access comes in. Cross App Access is an open protocol that secures interactions between apps, agents and across ecosystems. It moves the control to the identity layer, allowing organizations to centrally define access monitor agent activity and eliminate unnecessary consent prompts for users. Cross App Access is built on OAuth, a trusted standard that Okta has helped shape and evolve for years. It extends that foundation to support modern agent-driven use cases and complements emerging standards like MCP and agent to agent by adding essential authorization and policy control. It treats agents as first-class entities, so their actions can be governed, audited and secured like any other user or app. For IT, it enables centralized policy-based access management. So your product is easier to approve and easier to manage. For agent builders, it removes the need to design and maintain complex user experiences for access control since policies are defined and enforced centrally through the identity provider. For users, it removes repetitive prompts and enables seamless agent initiative actions. So your AI features are easier to use and easier to adopt. Cross App Access speeds up sales cycles, supports enterprise requirements and helps you stand out in a competitive AI market. Securing Agentic AI requires an ecosystem, and it starts with you, the builders. That's why we are here today to introduce you to the protocol and open a conversation. To bring this to life, Okta's President and Chief Operating Officer, Eric Kelleher, sits down with one of the builders leading the charge. May Habib, CEO and Co-Founder of Writer. Over to you, Eric.

Today, I'm excited to speak with May Habib, Co-Founder and CEO of Writer. May, thank you for joining us today.

Thanks for having me, Eric.

Every business leader here is exploring ways to use AI effectively and safely. To start, can you give us an overview of Writer and how your platform helps enterprises harness the power of Agenetic AI?

Yes. We are an end-to-end agent building platform for the enterprise. And what we mean by end-to-end is truly one place where you can define and build and scale, activate and supervise the agents that you're building. CIOs don't want 500-point solutions doing Agentic in their enterprise to be able to do supervision at scale, you really need a platform. Think of Writer as a design system for building agents where you've got reusable components that anybody can use regardless of technical capability.

That really covers a lot of ground in this space right now. It's fantastic. Let's dive into the core idea for today's conversation. AI is redefining identity as agents begin to act on behalf of users. May, from your perspective, how are AI agents forcing us to rethink what user identity and trust mean inside a company and inside our systems?

Yes, it's a great question because AI is reshaping all of how we build software. And if you think about the 30 years, we have all been shaping what the software life cycle development life cycle is, right? You are building 4 very deterministic processes. When it comes to Agentic, it is a very different story. Agents challenge the concept of done. You are iterating and building constantly you've got agents that really only exhibit the kind of behavior you can track once they are in real-world real data environments, you've got people building agents and giving them inheriting to them their own assets and rights to systems when in reality, these are agents that are goal-oriented that have objectives of their own where the identity and the access needs to be managed on a goal and outcome basis versus the access rights and permissions of the person who are -- who is building them. And so it's just -- it's very challenging on so many levels, and we have to completely rethink identity and roles-based systems inside of the enterprise.

In a recent interview, you said Agentic AI is like the straw that broke the enterprises back and people are understanding they can't be doing all of this themselves. They need support. I agree. We're at a tipping point. every leader feels the need to both innovate quickly while staying secure. We know if developers aren't intentionally careful, AI agents can inadvertently become over privileged super users. How does writer approach preventing AI agents from introducing new risks? What does responsible AI look like? And for example, do you impose limits or supervision on what agents can do autonomously?

Every layer of our stock, there is a level of configuration and customization and supervision that IT doesn't get anywhere else. Starting from the enterprise-grade LLM and the kind of information that you understand on performance on latency at that loan. All the way to the data layer, being able to understand where a retrieval index or how a retrieval index may have changed that may have impacted the quality of the agents that you are building. to the ability to monitor the kinds of access that an agent has even when it is allowed to a system, is it within the behavior and allowances and guardrails that you have set for the actions that are allowable permissible for that tool for that system. And so think of what we've done on the tool access level, which is what folks are really concerned about right now, as almost adding your old context and management layer on top of the MCPs that you might be building on top of the MCPs that you might be inheriting from the vendors that are building them. So many of the CIOs that we talk to aren't happy with the kind of security that the MCPs that are being built might have and want to be able to configure an extra layer that they control around the actions that are permissible, the data that is permissible. And then you absolutely need to have the ability to observe that at a meta level, even while you have given access and permissions to folks to build tooling and agents that are able to access the systems you've configured.

So you touched on a number of areas there, including access and data permissions and authentication and authorization and all of these themes tie back to Okta's conversation around identity. So today, when an AI agent needs to access a user Slack or Salesforce data, it's often done through manual user consent, which can get messy. There's growing momentum around new protocols, like you mentioned, MCP and also agent-to-agent. Okta and industry-leading ISVs have been developing a new open standard called Cross App Access to streamline and secure agent app connections. What role to open standards like these play and creating an interoperable ecosystem for AI? How can ISVs solve for both security and usability? Do you envision protocols like MCP, agent to agent and Cross App Access working to allow agents from different vendors to safely interoperate?

Eric, we are so excited that you guys are working on this and that we are going to be supportive of the Cross App Access. No single company is going to solve this alone. We need a feature that is a collaborative ecosystem, making it really secure where Writer agent built in Writer. As indicated by Okta is able to access an agent built by agent for to get big complex work done all with a verifiable and secure audit trail that IT can trust. This is the future that we're getting to together really, really fast. That's the interoperable future all building towards. Interoperability is table 6. No CIO is investing in platforms and tools that aren't to be. But we have to come up with the standards, right? These are the critical standards that are going to make it safe for employees to feel emboldened to build the kind of agents that really transform the way they work that make them 100x employees. But if there isn't a way to authenticate what it is that they build, what it is that those agents access, then ICs is going to completely shut it down. And we need to be brave in letting innovation come bottoms up. But that is all going to be possible if IT has got all of this really secured. So we're very excited about the protocol you guys are putting together. So Eric, we see our role as the critical piece to helping business users contribute to their company's in genetic future. I can't book everything. And the business has got the most subject matter expertise. They know what good looks like. They know what workflows are worth building. And that's what we built our Agentic platform to do. Unless that philosophy and that approach is supported by CIOs won't happen inside of an organ. So how do you see your role evolving in a world where we've got just as many agents as employees. Actually, it's going to be many times more doing really, really critical knowledge work, really sensitive data assets that today only humans can do.

Yes, it's a core fundamental shift in the industry. Historically, when companies have thought about solving for identity, they started initially thinking about how to solve user identity and in particular employee user identity. And over years, we've seen them expand from employee audiences to third-party audiences and even customer and consumer audiences in managing identity to ensure that a user is who they suggest that they are and is authorized to do the things that, that user is authorized to do. That's been the core issue. And in recent years, we've seen that evolve to include nonhuman identities and machine-to-machine identities and API tokens and privileged access all of those requiring identity governance and the ability to provision and deprovision accounts to turn identities on and off and they have just-in-time provisioning. What we're seeing now is the next evolution of that, where agents are really becoming a part of a hybrid workforce where we have both people and agents where the agents are working autonomously. So we're excited for the opportunity. We're also very committed to supporting our customers as they are evolving their workforce into a hybrid that's powered by, as you said, many agents for one employee. Thanks for joining us, May. .

Thank you.

It's inspiring to hear how Writer is leading the way in secure scalable AI. I'm now going to hand it over to Aaron Parecki, Okta's Director of Identity Standards, who will walk us through a demo of Cross App Access.

Thanks, Eric. We've just heard how Agentic AI is really changing things in enterprise software. Now I want to show you how we're making secure scalable access for these agents happen, and it really comes down to the basics of access itself. Modern apps don't live in isolation. Your customers expect them to connect seamlessly with the rest of their other tools, calendars, CRM, support tools and more. As we've heard, especially with AI agents, that trend is only accelerating. Today's access models weren't built for that kind of scale. Let's look at an example from Zoom. Say your customer wants to use the Zoom AI companion to summarize the call and instantly create a Jira ticket with follow-up items while during the summary of the call in Box. That's pretty powerful, right? But it needs 3 different systems to talk to each other in a secure and coordinated way. This is just one example, but you're likely building agents and apps that integrate with a bunch of tools to collect data and do things in other connected systems. And with each new connection, the burden shifts to the end users. They have to log in, make a security decision and approve access. Once or twice, is fine, but 20 or more tools, that friction adds up fast. And this whole time, the users are the ones deciding to connect apps, but your customers' IT advents can't necessarily see this happening. It might seem counterintuitive. So let me break this down. If you're on Zoom, and you click ad box, Zoom starts OAuth flow to Box. Box will ask you to log in with your company e-mail, so you'll get sent to Okta to log in. But all occupancy here is that a user is logging into a box. Okta doesn't know that box is then going to give an access token to Zoom's AI companion. That's the blind spot. The user becomes a policy layer approving sensitive access with no oversight. For your customers, that's a security liability, fragmented control and no visibility into what's connecting where, for you, it means slower adoption and deals bogged down in review. The problem isn't your product. It's the access model. It wasn't designed for app-to-app and agent-driven communication. We've been working with a bunch of partners across the industry to fix this. Cross App Access is an open protocol, built as an extension of OAuth and other widely adopted identity standards. It introduces a consistent way for absent agents to request access to other apps not by asking the user each time, but by going to the identity provider instead. Because it's based on standards, it's easy to adopt since it builds on your existing OAuth integrations. Instead of building custom authentication logic for every partner connection, you only need to implement cross-app access, one to support them all. Box is an ideal example for this kind of connected workflow. With Cross App access, apps and AI agents can pull content from Box securely with policy set by IT, not left to the end user. So if Zoom wants to access the user's data in box, instead of sending the user through a traditional redirect based flow, it can use cross-app access instead. The user first logs into Zoom the requesting app through the IDP getting an ID token. It then takes the ID token back to the IDP and says, "Hey, this user just signed in. I would like to access their box account." The IDP returns a new temporary token, the ID JAG. That's the identity job assertion grant, which Zoom can then take to Box, the resource app, saying, "I would like an access token, here's a statement from the IDP that says it's okay to issue met and access token." Since Box is also configured for SSO to the same identity provider, it can validate the token and then issue an access token that works the same way as its normal OAuth access tokens. If you want to build this and you're providing an API, you just implement a new grant type in your OAuth server. If your app is trying to access other APIs, you can do this behind the scenes 2-step token exchange instead of sending the user through an interactive OAuth flow. Once you've got this running, your customers' admins can easily manage the connections themselves. For instance, in Okta, they could define which apps or AI agents can connect to yours and what data they can access. No more long-lived service account tokens and no confusing end user prompts. You got to give your customers control and visibility of your apps and agents without having to build a bunch of admin dashboards. Cross App Access helps you get faster adoption, reduce integration friction, and it keeps you ahead of what enterprise security teams expect. Things change. And when they do, security teams need to act fast. With Cross App access, admins have the ability to revoke or disable app-to-app or agent connections with just a few clicks. No hidden connections, no blind trust and no waiting on custom code or app updates. This level of control is a game changer for enterprise security and app developers who support can offer their customers peace of mind and faster incident response. Okay. But let's get back to the end user experience again. Before Cross App Access, your users had to manually authenticate and consent every time an agent or app tried to connect over and over again once for each application. But now once the connection is approved by the admin, it just works. The user doesn't see any extra steps. As soon as the user logs in, the app already has the access, it's been granted by the admin. As a result, your customers can more easily use all the AI capabilities you're building without their users getting bogged down in OAuth flows. For you, this means fewer support tickets, happier customers and faster adoption of your AI-driven workflows. And if your app is built on OAuth 0, you're already one step ahead. OAuth 0 will include the cross-app access framework out of the box, making it easy to expose your API securely and enable agent door app connections from day 1 without giving a bunch of extra work to your development team. As a resource app, OAuth gives you the tools to define what external apps or agents can access, how and under what conditions? You don't need to build custom logic to support AI-driven workflows or third-party integrations. It's already there and it's ready to go. As a requesting up, you can use OAuth for gen AI to seamlessly get tokens for other apps in Cross App Access. That means your customers can use AI agents or other tools to interact with your app safely without relying on long-lived service account tokens or asking users to approve every action manually. Instead, admin staying control, and your app becomes a secure enterprise-ready player in any connected ecosystem. This makes it easier for your customers to adopt your product, embedded in AI workflows and scale up their usage while giving them the control they need. With Cross App Access, app builders like you can deliver secure, seamless connectivity that hits all the enterprise requirements, without slowing things down, without making things harder to use and giving you the chance to innovate on the things that actually set your product apart. It's a smarter foundation for the agent-driven future, and it's ready for you to start building with today.

It was so great to see Cross App Access live in action. Thank you, Aaron, for that awesome demo. And now to get the perspective of a security practitioner, I'm going to hand it over to Charlotte Wylie, Okta's Deputy Chief Information Security Officer. Over to you, Charlotte.

Hi, everyone. I'm Charlotte Wylie. I'm the Deputy Chief Information Security Officer here at Okta. And joining me today is Alyssa Robinson, Chief Information Security Officer at HubSpot. So welcome, Alyssa.

So glad to be here.

Our discussion today is really about cutting through the noise to service real challenges that CISOs like yourself are facing right now around AI age and access and visibility. And more importantly, it's about outlining what our ISV partners must build to ensure that they remain trusted and selected. As part of our conversation today, we're looking to call on SaaS vendors to join us in addressing the increasing complexity that we are facing in this space. What is changing is profound. AI agents are introducing hidden privileged access that is incredibly difficult to govern. And CISOs we're balancing the immense pressure for AI-driven productivity with the absolute need for security. So let's be clear, to truly advance the business, we simply cannot just lock down AI and their data sets. This is going to stifle innovation and defeat the purpose. We can only achieve this if we strike a delicate balance with our SaaS vendors and our ISVs, we need to build open shared standards that are effectively managing AR access and providing real-time visibility. The consequence for us to not do this is quite stark. We will simply not be able to select those vendors that fail to meet the bar. So this matters quite simply because the future of AI depends on trust. And right now, many security teams can't fully trust Agentic AI, which puts the promise at risk. We need to trust that our vendors support shared open protocols that govern agent access and provide real-time visibility. And so that's really to set the context here and so Alyssa, I would love to hear your thoughts about what are some of the security risks that you are seeing with the rise of Agentic AI?

So I think some of the risks that we're seeing are actually not really related to Agenetic AI at all, right? Like this is -- we're seeing a lot of really new vendors, immature products being put out there that are being put out for that functionality that you're talking about that is really making people more efficient and businesses are seeing the value of, but we haven't really gotten to the point where they're also thinking about security. And so we're seeing just the lack of those basic controls that you expect to have, whether it be access controls, auditing, change management, just even those agent definitions and having some sort of source control and change management there are things we're not seeing yet. And then, of course, there are pieces that really are related to the AI components of LLMs into agents. There is just the continuation of the nonhuman identity problem that we were already seeing. The interconnections between apps and this really just explodes that with the rise of MCP servers and agent to agents long of tokens and other pieces that are just spilling out over there that we -- was a problem we were already seeing, but now is just that much bigger. And then, of course, there's the unpredictability, the nondeterministic nature of LLMs themselves and the interactions that you might have there.

Alyssa, I agree with you, so many different considerations for us as CISOs and the complexity of what we're dealing with. I think the unchecked nature of the interactions between AI agents and their applications concerns me greatly. And I think the controls that are available to us today are lacking somewhat. And so just zoning in on that as a conversation point I'd love to hear your thoughts on what are some of the limitations around frameworks and controls we have today? And what do you think that we need to do to fill this gap?

Yes. So I think we're seeing we're seeing lots of vendors that are jumping on the Vanwagen for MCP and for A2A and these standards, but those standards don't have that much real security built in so far. And standards like OS are built for human to app interaction, not really for agent-to-agent interaction. We've seen some standards out there, things like AAS, that I think could be very promising that look at things like really tracking the permissions that agents have and things like that, but they're not catching on like these other protocols are yet. And so I would really like to see much stronger standards out there, much stronger security built into the standards that we have and vendors really jumping on those bandwagons and really trying to build those things up.

I agree, like A2A protocol, it's fantastic. It gives us a crucial new lens on how we deal with the nonhuman identities that we're staring into today. And it's -- we are at a point where traditional access controls like, OAuth, yes, they are built for human-driven workflow but not necessarily the scale and interaction that AI agents have in multiple systems with different decision-making capabilities. So I think that like new standards like A2A and MCP, they're fantastic. But we've still got a long way to go in terms of them being primetime ready. I'd love to hear an example from you about where we have Agentic AI that is over privileged, potentially unseen and what the potential risks are for CISO like yourself in your organization?

Sure. I mean I think the places where we have the largest concerns are anywhere that our most sensitive data like customer data is involved, right? So we're worried about agents that might be over permissioned that might get access to data that we don't know they have or that we didn't intend for them to have and all of a sudden, it's leaking that into another system or it's returning that in a place that we're not expecting. And I think there's definitely real consequences to that. There also could be real consequences of agents acting sort of without human intervention and making decisions on behalf of our business that we're not expecting. So I think we need strong controls there to really know what data things can access and to know what decisions agents might be making.

I'd love to talk a little bit about what are some of the expectations that we have of our ISVs around this particularly. So with these minimum expectations that you and I have around enforcing the right protocols, the right standards, what should we be detailing to our ISV partners and our SaaS vendors around shipping AI-native features?

Yes. I mean I think it is tough right now, right? Like we're seeing a lot of very new vendors enter the space. You can't -- you can't hold them necessarily to the same standards that you're seeing from the big corporations you've seen before. But I think there are key things that we want to see, right? We want real transparency. We want auditability. We want very granular permissions because I think interactions between these agents and just the many, many data sources that are getting connected, the multiple platforms that are getting connected together. If we don't have good visibility into the data flows between them into exactly the permissions that each agent can take in all of these different spaces that they're now acting in we're going to be in a world of trouble. And so I think that sort of visibility, those sorts of commissions that really put the customer in control of exactly what can be done by these agents are really key. And those are the sorts of things that I'd like to be able to demand from our vendors.

Absolutely. I agree the real-time visibility aspect to this is critical for folks like you and I. What we can't see, we can't action on. And so those controls around how these AI agents are interacting is especially important. And around how they deal with sensitive data, specifically customer data, is incredibly important. Do you have any advice for how you would like to see vendors handle that?

I would really -- I mean I would like to see a few different things. I would really like to see the standard strengthen. I would like to see all of our vendors jumping on board to help develop those standards and to help drive them to a place that they're workable but also really take security -- keep security in mind. I would love to see just visibility into not just data flows and permissions, but visibility into the actions that are being taken in control, good controls over those actions and exactly what can be done there.

I agree. The visibility into those actions and that granularity is absolutely -- like it's necessary for people like you and I. When I think about AI practices and the responsibilities that vendors have around IO practices, and access controls, what would you define as like responsible AI practices for vendors around access controls? What are some of those -- what are those specific ions and responsibilities you'd like to see?

I mean I think the biggest one for me is like truly granular permissions and good access control there. I think when we've got a normal situation where there's a human interacting with an agent understanding the sorts of things they might need to do is easy enough. But as soon as we've got multiple systems interacting together and we've got humans out of the loop in some cases. I think we need to be very precise about what we think that agent might need to do. And how we ensure that they don't get out of hand that they don't take any actions that we weren't expecting. And to me, they're like granular permissions are the most important thing. In addition to just that auditing and visibility of data flows and everything that's happening.

Yes, absolutely, absolutely. I think that you've made a great point there, which is where we are enabling these AI agents to act autonomously with no human interaction they are having access to multiple systems. This is where we absolutely need our ISV partners and SaaS vendors to be on board with using open standards, right? And that we're all singing from the same [indiscernible] around what protocols we're using I really appreciate this insight from you Alyssa. Sort of you're closing a few words for wrapping up your key highlights around what you'd like to see what would you like to say?

Yes. I mean I think the biggest thing is we do want to see vendors mature here, right? Like right now, there's a lot of new vendors entering the space. There's a lot of existing vendors that are pushing fast. Right now, -- right now, our choices aren't as good from a security perspective. But I think as vendors are starting to build up those capabilities, those vendors are going to win, right? We want to see them mature. We want to see them get on board with the standards that are out there, and that's how we're going to be able to trust these things and really use agents to their full potential.

Yes, absolutely. Thank you, again. I think that the message here around trust, and how do we, as leaders of security teams help our security teams trust Agentic AI and in turn, how do we trust our vendors to be able to secure. Agentic AI is the very foundation of how we'll be successful in striking that right balance between not having business -- the business distracted from innovating with AI whilst also making sure that we bake in the right security. Thank you so much for the conversation, Alyssa, and I hope that this has been useful for our audience.

Thank you so much.

The call for action here is simple. This is an absolute business imperative. If you are building AI native features, you cannot wait until it's too late or for regulation to force you interaction. The time to prioritize securing AI agent access and visibility is now. We need our vendors to work with us and to build visibility, accountability control directly into their products. And that means adopting standards like Cross App Access and building with the challenges that we've discussed today in mind. Securing a genetic access is it something that one vendor can solve alone. It is a collective responsibility that we must tackle together.

Thank you, Charlotte and Alyssa for the security practitioners perspective on AI agent security. Now I'm going to sit down with Brandon Edelson, Chief Ecosystem Officer at Zoom, and we are going to talk about how to build AI agents securely. I'm excited to be joined by Brandon Edelson, the Chief Ecosystem Officer at Zoom, a company that's helping shape how people and applications connect in the age of AI. As AI transforms how software behaves, it also changes how platforms interact. Zoom is a perfect example. It's not just a collaboration tool. It's an open ecosystem that uses integrations and Agentic AI to streamline workflows across meetings, chat and third-party applications. Take Zoom and Jira, with this integration, Zoom AI companion can automatically capture action items and meetings and make it easy to create or automatically update Jira tickets. That kind of workflow sounds simple, but without a consistent way to manage access between apps, it can quickly break down. Users can get hit with repeated access prompts and approvals and security teams can face gaps in visibility. The experience becomes fragmented. That's where cross-up access comes in. it creates a common framework for trust between platforms like Okta, Jira and Zoom. This is how we unlock AI at scale by building in security, building inconsistency and building in control right from the start. Brandon, I know Zoom is thinking deeply about how to empower customers with secure and scalable AI. What are you hearing from your enterprise customers with respect to gen AI right now?

So first and foremost, thank you for having me today. To answer your question, one of the biggest things we're hearing from enterprise customers right now is this. They're excited about what AI can unlock, but they're also overwhelmed, especially when it comes to how AI agents, apps and systems are all starting to talk to each other. Companies want to scale AI across their businesses, but they're experiencing friction when it comes to trust and control of how agents and apps connect across systems. Leaders are asking who has access to what, how do we manage approvals when AI is acting on someone else's behalf? And how do we avoid breaking the user experience with constant prompts or disconnected apps?

What are some cool use cases you're seeing in production? And what are some challenges customers are running into?

So let me give you a real example. We're working with a large enterprise in the financial services space. They want to build their own AI agents that can help summarize meetings, detect risk signals in real time and update CRM records automatically. Now this could be game-changing for their business, but every one of those agents would need to connect to internal systems, external tools and customer data, so the company needs a consistent way to manage access across all of that. Now to address this, we've been investing in frameworks that let enterprises ground their interactions in their own workflows and data policies while allowing them to seamlessly integrate with external systems. A great example is the custom AI companion add-on, which allows organizations to build tailored AI experiences using their own organization-specific knowledge bases and internal systems, making AI companion more personalized for their organization. Now alongside that, we also offer a rich set of interfaces from robust APIs and to real-time media streams. So organizations can securely connect Zoom data like audio and transcripts directly into their own applications and systems using the Zoom platform. all of which needs to be done in a way that maintains trust for the customer. To sum up, the theme we keep hearing is we want AI. We need a foundation that can trust and make adoption seamless. And now Zoom is leaning in to help enterprises scale AI securely and seamlessly in a way that fits how they already work. But here's the key. These capabilities only work at scale if authentication and authorization are handled consistently across systems.

So customers want to use AI at scale, they're sort of dying to roll out all of these integrations across their internal as well as external applications the real nut to crack here is how do we help them get authentication and authorization rights so all of these systems can be fully integrated. That obviously makes a lot of sense to us. Perfect. I'm happy to say Zoom is already deeply integrated with Okta, covering identity security needs from single sign-on and provisioning to workflows and universal log out and entitlements. Why is Zoom supporting Cross App Access? And how does it help address what your customers are asking for?

So Zoom's open ecosystem gives our customers the flexibility to choose the tools and services that help them work most efficiently. As a result, they're constantly introducing new systems and platforms alongside Zoom. And the more interconnected those systems become, the more critical it is to make those connections seamless and secure. Also, as AI becomes more a genic and autonomous, the integration layer takes on a new level of importance. It's no longer just about a user toggling between apps. It's about systems communicating on the user's behalf. Now that shift raises the stakes for trust, governance and control, and that's why we're supporting Cross App Access. When platforms operate independently, users get stuck with repeated prompts, fragmented experiences and inconsistent security, a common framework for authentication and authorization ensures access decisions are handled securely behind the scenes without disrupting the user flow. Cross App Access provides that foundation, it puts governance where it belongs at the IT level with centralized policies and visibilities. And at the same time, it delivers a better experience for users. One where everything just works. Now as you mentioned, Zoom already integrates deeply with Okta for SSO, provisioning and entitlements. -- cross-app access is just the next layer. It lets us support AI adoption at scale without sacrificing trust control our user experience.

So amazingly your perspective on this because like as you highlighted, it's both improving the end user experience by removing those repeated prompts that might create a disconnected or fragmented experience as well as improving security and visibility. So there's very few things in the world that can satisfy both those requirements, and it's exciting to see platforms like Zoom really adopt and Champion Cross App Access from that perspective. Can you share some more real-world examples of where Agenetic AI is starting to show up on Zoom's platform, whether it's something you've rolled out or something partners are building?

As mentioned earlier, we've been building frameworks that give customers different levels of control and customization when using AI, whether it's Zoom led or customer defined. One example is zooms custom AI companion, which allows organizations to build tailored AI experiences using third-party apps. With 15 integrations now available, companies are going far beyond meeting summaries. For instance, we have a customer support team can use AI companion during a live Zoom call to pull in documentation, update CRM record and file a follow-up ticket in Jira or Zendesk all in real time without ever leaving the conversation. That's not just generative AI. That's Agentic AI, working on the user's behalf across tools. And on the other side, we're also seeing customers who want to bring Zoom data into their own systems and applications. So their AI agents can act on that information. That's where real-time media streams come in. For example, a sales rep joins a live Zoom call with a prospect, while RTMS streams real-time audio and transcript data to their internal AI system. The system transcribes the conversation, analyze the sentiment, surfaces, coaching insight and prepares actionable next steps. The result here is less time on manual entry and more time closing deals. I mean this is the common thread that we hear is that agents are helping people get more done faster with fewer handoffs and less contact switching. And they're doing this in ways that reflect each organization's unique tools and workflows.

Thank you for those real-world examples. It was really cool to see the perspective that Zoom has where AI is not just generative, but it's truly Agentic, and the truly Agentic use cases where generative AI is being used to take action in real time across multiple systems to reduce the toil that people have to go through to do manual work that seems really, really incredible. That's going to unlock the real future of work.

100%.

Yes. How does Zoom see protocols like cross-app access help balance user experience with stronger IT oversight?

I don't think I have met a user that has ever asked to log in more and get prompted for authentication. So I think this is where cross access really shines. One of the biggest tensions we see is between giving users a seamless experience and ensuring IT still has the controls it needs. And in today's enterprises, environments aren't just made up of individual apps. They're complex systems interacting in real time. And as AI workflows span across internal tools and third-party platforms, the need for consistent policy-based access becomes even more critical. Without that consistency, things get messy real fast and users run into friction or worse IT lags visibility and how systems are interacting and what data is being accessed. So Cross App Access helps solve that. It lets access decisions happen behind the scenes based on clear centralized policies. From the user's perspective, everything -- it just works. And for IT, they can define what agents and systems are allowed to do, see how the access is being used and audit it later if needed. That kind of visibility and delegated control gives teams confidence to scale interconnected systems and AI responsibly. Users get simplicity. IT gets peace of mind and that's what ultimately drives enterprise-wide adoption.

100%. Simplicity and ease might at the same time. That's what we're shooting for. How are you thinking about app-to-app and agent to app communication evolving within your platform?

So we're seeing a big shift right now. Historically, integrations were all about user-initiated actions. Click the button, trigger workflow, pulling in data from another app. But with the rates of Agentic AI, more of that communication is starting to happen behind the scenes. Now it's not just a person updating a CRM. It's an AI agent doing it automatically after a conversation or pulling data from another system in real time to support a task. These agents are starting to drive a lot of the app to app and agent to app traffic across platforms like Zoom. That changes the game. You need a scalable way to govern how these systems talk to each other, including what data they access, what actions they're allowed to take and how all that gets logged and managed. And that's really where we're focused. At Zoom, we're building a truly open platform with infrastructure that supports this shift from a genic frameworks like custom AI companion to a rich ecosystem of APIs and SDKs. Zoom is poised to connect wherever it's appropriate in an organization's technology stack, giving customers the flexibility to embed Zoom into their workflows securely and intelligently. All it's about meeting our customers where they are and giving enterprises the flexibility to build agent-driven workflows with the trust and guardrails they need to operate at scale. The future isn't user to app, it's users, agents and systems working together seamlessly to get more done with less friction and greater intelligence.

Thank you for supporting the new protocol and standard and for joining me today. Zoom's leadership is a great example of how platforms can lead responsibly while still moving fast. If your product connects with others, now is the time to help shape the standard. Cross App Access gives you a consistent way to manage agent access, meet enterprise requirements and improve the user experience. Let's build the future of identity for Agentic AI together. Get started with Cross App Access today.