Okta CEO: The next frontier of security is AI agent identity
Today, I’m talking with Todd McKinnon, who is co-founder and CEO of Okta, a platform that lets big companies manage security and identity across all the apps and services their employees use. Think of it like login management — actually, that’s a great way to think about it because the way most people encounter Okta is that it’s the thing that makes you log in again right before joining a meeting several times a week, so then you’re late for the meeting… Can you tell we use Okta?
Anyhow, all of that is a big business — Okta has a $14 billion market cap. But big software-as-a-service companies like Okta are under a lot of pressure in the age of AI. Why would you pay their fees when you can just vibe-code your own tools? This so-called SaaSpocalypse is a big deal, and Todd recently said he was “paranoid” about it on Okta’s most recent earnings call. So we dug into it, and how he’s putting that paranoia into practice inside Okta — what he’s changing, and what opportunities he’s going after to head off the apocalypse.
The biggest opportunity you’ll hear us talk about is some deep Decoder bait: the idea that it’s not just people whose access and security credentials need management, but also AI agents inside a corporation. This concept has really exploded with the rise of OpenClaw, which came with a ton of security challenges. Can any company keep users, platforms, and data safe if people are just going to buy a Mac Mini, hand their credentials to it, and let OpenClaw do whatever it wants with them? Is simply installing a “kill switch” at the agent level — as Todd suggests — enough?
You’ll hear Todd say that agent identity is something in between a person and a system, which is some of the richest Decoder bait possible, so we spent some time digging into that. It also seems like we are on the cusp of some of the goofiest org chart ideas in history, as people start to manage hybrid teams of people and agents, and I wanted to know how Todd was thinking about that inside of Okta itself.
Like so many of our guests lately, it’s clear that Todd’s a Decoder fan, so this one got deep, about the very nature of building software itself, and what it means to run a software company. That’s right, the Okta episode got emotional. Hang on, it might surprise you. Okay: Okta CEO Todd McKinnon. Here we go.
This interview has been lightly edited for length and clarity.
Todd McKinnon, you’re the Co-founder and CEO of Okta. Welcome to Decoder.
Thank you for having me, Nilay. It’s great to be here.
I’m excited to talk to you. I feel like a real theme of Decoder lately is just me being emotional about the nature of software in 2026. And I can’t think of anyone better to do it with than you, because when I think of emotional software development, I think of big enterprise software CEOs.
Would you like me to soothe your emotions or upset your emotions?
I’m going to start with your emotions, actually. We’re going to get right into your feelings, Todd.
Oh, yeah. All right. I’m really good at talking about my feelings to massive groups of people, so lay it on.
Well, you did. Here we go. We’re going to just jump right into it. A few weeks ago, Okta had earnings. You’re on the call. They asked you about the SaaSpocalypse, which I want to talk about in detail. But this was your response to SaaSpocalypse; this is why we’re starting with feelings. You said, “We are paranoid, and we’re making sure that we’re using all the latest technologies, LLMs, et cetera, to make sure that we have something that’s resilient and secure but has the best features and best capabilities.” This is you talking about, “Hey, agentic software development is real. The idea that our customers would build their own tools instead of paying us for these tools is real. We’re paranoid about it. We’ve got to compete with that.”
That’s a big thing to say. Talk about where you are in SaaSpocalypse because I want to start there, and then I want to zoom out to basically the nature of software in general. But that feels like a big thing for you to say; you need to be paranoid about this threat.
Let’s start with me, personality-wise, and how I operate. I’m very much challenge-driven, and I think a lot of people are in our business and just like, “What’s the next challenge?” And what I see right now in the world is a huge challenge and a huge opportunity. It’s like a huge mountain to climb. And the fundamental level is that I believe strongly that the pie for technology is expanding greatly. The pie of what we can do for people and companies with AI and the common things people talk about, agents, and… This is a massive change, massive disruption. It’s bigger than cloud computing. If you could talk about it, is it as big as the internet? It’s big.
Now, capturing that and leading a company that thrives… Okta has had a decent amount of success, $3 billion in revenue, growing over 10 percent last year, an established brand, and 20,000 customers. We’ve had some decent success. I think the opportunity going forward with all this change and all this disruption is massive. It’s huge. Technology is getting way bigger; there are all kinds of new categories that I think are emerging. For me, personally, it’s an incredible opportunity and challenge to lead the company through this. And to go from what is a mid-size, successful SaaS company to what I think could be one of the most important companies in the world — that’s a huge challenge. It’s a huge opportunity. It’s also daunting because, in some way, it’d be great if things didn’t change that much, our locked-in position was more stable, and we could plug along. But there’s a huge prize. The prize is massive, and that’s incumbent upon us to face this challenge and to go get it.
You’ve talked about this in terms of the pie. You’ve said that the total addressable market for software is growing. I have a lot of questions about Okta in that market as it’s growing. I know you have some announcements about agents, verifying agents, and having a kill switch for agents that I want to talk about. I just want to come back to SaaSpocalypse in general. I understand SaaSpocalypse for run-of-the-mill productivity tools. We use a lot of run-of-the-mill productivity tools here at The Verge; they’re all fine. And I’m always joking that enterprise software CEOs don’t love coming on the show because…
When I grow up, I want to be run-of-the-mill.
Right. But they’re all fine. You can take one piece of project tracking software and replace it with another, and the idea that you’re going to get anything more than a 5 percent productivity improvement, I think, has always been illusory. Maybe you’ll get some better pricing. The idea that I can just vibe code a Trello and now I don’t have to pay Trello because I just have a Trello… I understand that argument. Okta, to me, has seemed much more insulated from that because you have identity, and you have to do security at a scale that most people can’t consider doing security. There are a lot of reasons why paying you to take that liability on is a good business, regardless of whether I can build it myself for cheaper.
What specifically has you paranoid about agentic software and your customers building their own tools to look like Okta? Because to me, that’s actually a little more opaque.
If you look at what these tools can do, it’s amazing. The Claude Code, Cowork, and Codex and… These are… I grew up as a software engineer, and that whole world is being revolutionized. I’ve built a company as a product developer and as an engineer. And so if you don’t question and look at how you’ve built your own company and realize that the world is changing, you’re just naive. Now, we can talk about the reasons why I think Okta is very well positioned and has attributes of the market and attributes of the product that make it very resilient and hard to replace, but you just have to look at the technology and look at what’s possible. And if you’re not circumspect about what got you here and what your moats are and what the upstart would be doing if they were trying to compete with you, I think you’re just naive.
I think it’s a healthy paranoia. When you look at the business, I think there are the features and functionality of our products. And then one thing that’s maybe misunderstood about what we do, or maybe the buyers understand it, but in general might be misunderstood, is that you can build the features and functions, but the last thing is to connect it to everything. Thousands and thousands of different applications, services, and pieces of infrastructure have to be connected to the last mile. And that always changes, so you have to keep that integrated and you have to make sure it’s always up-to-date with the latest changes of the ecosystem. And so the integration part… And then this other part is that, really, it has to work. It’s mission-critical.
Even if you’re building something that looks like Okta, getting the features to work is 10 percent of the battle. Making sure it works 100 percent of the time takes years and years and years. And there’s also a reputational thing. It’s like, “What are you going to trust?” Are you going to trust the proven solution that’s been out there for years? Are you going to trust something that your team just cooked up? Infrastructure software in general…
And then cyber software, I think, is also very well insulated from people vibe coding it themselves just because you’re talking about things that are purchased on… There’s a lot of brand that goes into it. What cyber company do you trust? What cyber company do you trust to be secure itself, and what cyber company do you trust to be up-to-date on all the latest threats? And then people who are buying cyber tools, they’re going to have to look at their bosses and their boards of directors and say, “What did you pick?” “Oh, we got breached. Well, what did you pick?” “Well, I wanted to save a little bit of money to vibe code it.” The category of security and infrastructure software, I think, is a little bit different from some of the app categories that you were talking about.
There’s a little bit of “no one ever got fired for picking IBM” in there. And then I think more cynically, there’s, “I want a vendor for this stuff that is rich enough for me to sue them if something goes wrong.” It’s in there, I hear it from the industry.
Or the more glass-half-full view would be that it can support me.
Yeah, it’s one or the other. Your job is to have the glass be half-full; I have the other job.
I’m trying to connect the dots between what sounds like a good case for being insulated from the market and what you’re describing as healthy paranoia. There’s a new generation of software tools that will help people build competitors to Okta. Whether those competitors are just the next N+1 SaaS competitor or whether it’s the internal team at a company saying, “We’ll build our own identity solutions,” what’s the mechanism that is leading you to say, “We have to be vigilant”? Will the new generation of SaaS companies just be cheaper? They’ll have fewer people, and they’ll build something comparable to Okta that is just vastly cheaper per seat? Is it that the companies will realize, “Oh, we can just build all these connectors, and Claude Code is going to traverse our intranet and log people in manually”? And maybe that’ll be more costly in tokens, but the front end will be cheaper.
If you have the insulation, what is the mechanism that might be a threat to Okta?
I compartmentalize it into two different areas. The first area is just… Probably the most important area is the job as CEO is… The most important job is to figure out a strategy, which means which market you’re going to be in and how you’re going to win in those markets. And for us, there’s a big new emerging market which is AI agents need to log into stuff, and AI agents need to be… You need to have a system to keep track of them, define their role, define their permissions, and what they can connect to and what they can do. That’s a big new market, so getting the company oriented on that massive new market, and that’s one bucket, which is markets.
The second bucket is how we execute to capture that market. And I think the main theme in the second bucket is, and it sounds basic, but I think basics are important, which is… It’s very clear that, especially in software development and innovation, the technical shift is very significant. The number one thing that an organization has to do is turn the dial in terms of how much change it will absorb. In normal operating mode, let’s say you want 20 percent change, 80 percent stays the same, you need to turn that dial up now, you need to change more. Whether that’s your team structure, processes, or the technology you’re using, you have to turn up the change quotient. What I tell the team is that it’s got to be at least 60/40, if not more. And then with that, you give them the freedom to experiment with new technology, learn from what’s happening out there.
By the way, I think one of the most important things is that while you have a healthy appreciation for the change and the impact, you can fall victim to believing what you see online or what you hear because everyone is trying to sell something. Everyone is trying to make their company sound cool, and they’re like they’re embracing the change. When you hear companies, especially big company CEOs, say, “Oh, AI is writing 90 percent of our code right now.” They’re trying to sell something, whether it’s their own substance as a leader or their own organization’s ability to innovate. You’ve got to take that with a grain of salt and say, “Hey, the art of the possible, but as we change, what are we embracing? What’s working for us? What’s not?” But it all comes back to giving the teams freedom to change. And change is hard. It sounds trite, but you really, as a leader, have to force it sometimes, top-down mandates. I like to be bottom-up and empower people. But sometimes to get change to happen, you have to push it.
Tell me about the change. It sounds very specific that you think the change here is that there’s going to be a universe of agents doing work inside of companies, and they need to be permissioned and controlled, and Okta should focus on that. And you’re not so worried about, “Hey, a bunch of people are going to vibe code their own tools, or a bunch of cheaper competitors are going to come up and disrupt us because they vibe coded a competitor to Okta.” It seems like you’re bracketing that and saying, “That’s not a big problem for Okta right now.”
I think if we have the opportunity to win this battle, to be the identity layer for AI agents, and if we win that, that could easily be the biggest category in cyber. Cyber is about 280-ish billion dollars a year. Identity management is about roughly — depending on whose number you believe — it’s roughly 10 percent of that. This new agent layer could be the biggest category in cyber by far. Yeah, winning that is job number one for our company.
Tell me your calibration on how much it’s acceptable to lose the identity piece of your business to whatever vibe coding SaaSpocalypse people think in order to win the bigger market in agent control. Because right now, the argument is, why would anyone keep paying you monthly or yearly for X number of seats when they can pay a lower fee to some solution that someone has built more cheaply? And then once that’s done, it’s done, and you don’t have to pay annually. Why would anyone keep paying you for that if you think the market is bigger for agents?
They’re not mutually exclusive. I think the attributes we talked about, whether it’s reliability, trust, integration, capabilities, and whether the vendor you’re going to trust has enough money to support you, are a foundational thing in both of these markets. Whether it’s people identity for customers, partners, and employees, or it’s this new identity type of agents and facilitating that. They’re not mutually exclusive. But I think what’s happening in the world right now is every organization is… It’s interesting. I think I’d say they’re universally aware of the potential of agents or agentic, the agentic enterprise, which is essentially that they want to make things more automated, and they want to enhance their digital, or enhance their workforce with digital employees, or they want to add new digital employees. They’re all clearly aware of this, but they’re getting a very mixed set of signals and a very messy story about how they do it.
There’s a combination of the big platforms, Amazon, Microsoft, and Google, that are going to sell me agents. It’s not even actually clear what an agent is. Salesforce has Agentforce, ServiceNow has agents, every SaaS company is building agents, and they’re trying to sort through it all. But what they see is that they see a tremendous opportunity to automate things and to basically take the labor budget and divert it into the technology budget and make their companies grow faster and be more efficient. And now what they’re looking for is, “Okay, what are the foundational building blocks to wire that all together and make it work? What are the rails?” And so that’s where the big opportunity is to take the first steps on this, which could be the biggest category of cyber.
When you look at things like OpenClaw, which obviously had a huge moment, and everyone is buying Mac Minis so they can air-gap OpenClaw from their production machine, and then they’re just giving OpenClaw all of their logins and passwords on the Mac Mini. I look at that, and I’m like, “You’ve accomplished nothing.” Right? You’ve given it all the access over here, and maybe it just doesn’t have your file system with your photos on it, but it still has all the access to the tools. But that’s where the excitement is, right? It’s living on the bleeding edge of danger, and saying the agent running on this machine can run overnight and invent its own tools and figure out solutions to problems.
When you are looking at putting rails on that, it feels like you’re actually going to foreclose some opportunities because we don’t yet really know how the agents are going to work. How did you evaluate what was going on with OpenClaw and the way people were giving it permissions, just as that economy developed? I don’t want to call it an economy. How did you look at OpenClaw and the way people were giving it permissions? Is that culture organically developed, and how is it informing your thinking about building for agents at Okta now?
The first thing is that it’s the ChatGPT moment for agents, and then ChatGPT was the Netscape moment for AI. It’s very significant. And the biggest significance, I think, is that it opened everyone’s eyes to the art of the possible. At my son’s soccer game, the parents were talking about OpenClaw. And these aren’t tech people, they’re just talking about how they’re going to automate all their tasks. And so these people are using it in their personal lives, and they’re consumers, they’re IT buyers, they’re a company. It’s a really eye-opening and definitional thing about what an agent can do and what it can be.
As you mentioned, the rails needed are the… And this is a tension… When you get something like an OpenClaw, and you try to experiment with it and play around with it, you say, “Oh, it’s really not that interesting unless it has my data, unless it’s connected to everything.” And this is exactly what these companies or every enterprise are struggling with. It’s like, “Hey, this stuff really needs to have my data, my 50 years of sales inventory, my customer data, and my marketing data. And once it’s all combined, these agents and this agentic layer can do interesting things.”
What the rails we’re putting in place are… Actually, first of all, it sounds basic. But just giving enterprises a list of the agents sounds simple. But they need a list of the agents they have, and then they need a system of record and a list for the agents they could use. What is Salesforce doing? What is ServiceNow doing? What is Claude doing? What agents do they have? And then, “Okay, now what are they connected to?” And making sure that we control and secure what the agents are connected to because, again, the tension is between more and more data, more and more connections.
This is, by the way, why companies like Palantir, Snowflake, and Databricks are doing so well, because what they allow companies to do is, instead of having to actually connect their agentic enterprise to all these separate systems, they pool it into one data warehouse. That’s one model; you can pool it all into one data warehouse and run the agents on that. But I think the longer-term, more scalable model is that you actually have the right permissions and the right access tokens for the agents to access the data directly.
When you go back to the example of OpenClaw, it’s a mindset. Everyone knows what these things can do now, and you have to facilitate access; you have to facilitate making sure that these connections are made in a secure way, in a way they can be understood and monitored. And when things go too far, you can pull them back. And as you experiment in the lab, you can say, “These are the connections we need. We should add more here. We should change this. We should filter this permission.” That’s what companies have to do, and those are the rails we’re trying to put in place.
When I said this was going to be an emotional conversation on software development, the nature of our relationship to databases is at the very heart of that existential crisis that I feel every week on this show. Let me just get your answer to this directly. It sounds like you’re saying SaaSpocalypse might be real, but it’s not real for Okta in the way that most people think SaaSpocalypse is real.
I think what people miss is that the pie is getting much, much larger. I think a few things are true. Everything is getting bigger. I think if you look at the amount spent on software, if you do infrastructure and SaaS and everything, hyperscaler’s software, it’s about $1.2 trillion roughly. If you look at the number of people, the services, the IT services market, it’s about $1.8 trillion. The markets are getting bigger. We’re going to be spending more of that money on software, and the pie is getting bigger. That’s one thing that’s true.
The second thing that’s true is that every piece of technology in the stack, whether it’s SaaS apps or whether it’s devices or OSs or infrastructure, they’re all going to get agentic features, they’re all going to do things more on their own. They’re going to be able to talk to more of them, and they’re going to optimize for agentic.
And I think the last thing is that there is a new layer, and that is the digital worker layer. I’m sure some of the existing companies are going to make the leap, and they’re going to have real digital workers that are coming from Microsoft, Salesforce, and Amazon. I think it’s probably more likely that it’s going to come from companies that weren’t born in the legacy way of building an app. I think it’s hard when you grew up building an app in a certain functional silo. It’s hard to build a digital worker because digital workers need to go across different things; that’s why they’re called workers, that’s why they’re not called one app. And so it’s really hard for companies that have focused on collaboration, HR, or one silo to say, “Hey, now my digital worker really can span all these silos.” Because if you look inside those companies, the whole org structures of these companies and the politics of these companies are that someone owns one silo, so it’s very hard to break through and go broad.
Anyway, I think everything is getting bigger, I think a lot of the apps will have agentic features, I think there’s a new layer of digital workers. Now, back to your question, which is, what’s going on with the SaaSpocalypse? The reality is there will be some losers, and there will be some companies disrupted, and there’ll be new people to take over categories that are now… But that’s back to challenges and making it fun. That’s what fires me up, and I think it fires up a lot of people, too.
You have brilliantly opened the door to the Decoder questions by talking about org charts. I actually think we’re on the cusp of some of the weirdest org charts we’ve ever seen, but tell me about Okta.
Talking about change and change more… One of the hardest things about this whole thing for everyone is experience, what worked in the past, how you got promoted, and what you built your career on; a lot of it is being invalidated. We learned for 30 years like, “Oh, this is how org charts work.” And a lot of that stuff is probably different now, so it’s hard for people to adjust.
Tell me about Okta. What was your org chart in the past? You founded the company; I’m sure you’ve gone through many iterations of it. Where are you at now? And as you talk about changing the balance of change to the company, how are you changing your org chart?
I think the guiding principle is to try to give great people an area where they can be great. It’s really a people-driven org chart. Reward people, promote people, bring in new people, give them an area that could really excite them, and motivate them. And it’s people-centric. The second principle is that, where possible, try to cluster things so you minimize communication paths and you let people be more autonomous in small teams. I found that’s pretty hard. I think pretty quickly there’s… Unless you have very distinct, separate business units and really almost separate companies inside your company, it’s pretty hard to cut down on the lines of communication. I think you can do it, but it’s always, I found a little bit… There’s got to be lines of communication somewhere, and no matter how you slice the org, you’re moving around where the people have to cross org boundaries. But you do try to take that into consideration.
And then I think beyond that, I think a lot of things that people try to do with org charts, whether it’s get people aligned on goals and get a culture that is shipping things quickly, is… It’s really not an org chart thing; it’s a management thing, it’s a leadership thing. And instead of moving the org around all the time, you’d be better spent making sure you have the right management team and the right leadership team to instill those cultural elements. Doing that versus taking your people team and telling them to move stuff around to have a more nimble culture, you probably should just get the right managers and instill that value that way.
This is my joke on Decoder: if you tell me the structure of your company, I can tell you 80 percent of your problems because the tensions just exist in certain structures in predictable ways. And it’s that last 20 percent, which is priorities, leadership, and management. It sounds like you’re pretty functionally structured, but how is Okta actually structured? Are you structured by business line? Do you just have a crack AI team that’s off in the corner? How does this all work?
On the go-to market side, it’s functional. On the G&A side, it’s functional. On the R&D side, it’s by platform. We have two platforms, the Okta platform and our Zero platform. And the R&D is by platform.
The other question I ask everybody who comes on Decoder is about decisions. Again, it’s always great to have a founder because your frameworks change as you come up with a company. How do you make decisions? What’s your framework, and how has that changed over time?
We’re doing an introspection here. I love it.
I told you it would be emotional.
This is Decoder. Decoder is just therapy for me personally. At this point, you can tell what my problems are by the questions I ask.
You’re like casting them out amongst the guests. It’s interesting. When I started Okta, I found myself… I’d worked at Salesforce, and I had a decent-sized team there and felt like I was very decisive. I was like, “We’ve got to do something, here are the options, decide.” And then I started Okta, and I found something interesting: my decision-making process slowed down. And when I was thinking about why, I realized that when I was at Salesforce, my boss was always a safety net, ultimately. It’s like, if I were going to make a bad decision, there was theoretically a boss to stop me. But when I started doing Okta and the company started getting successful, my decision was the decision, and I had better think about it and get it right. And so it slowed down, it slowed down.
And then the company got bigger, and we got into this phase where we went public and got close to a billion dollars of revenue. Then I felt like maybe I needed more input, and I really needed to get expert advice on a lot of things. And what I realized over those years is that my instincts were still pretty good, and I probably should trust my instincts more. And so I think that’s the mode I’ve been in for the last three years. Yeah, the company is bigger than it’s ever been. I’m managing a company that’s bigger than I’ve ever managed by definition, but I think I’ve been leaning more into my instincts.
I think to inform those… To put more detail on that, I think two things are very important. One is that you have to decide which decisions to make. That’s really important. There are a bunch of decisions that I shouldn’t be involved in, and I shouldn’t be making. But the inverse of that is super important, which is the ones that I am making. I’d better focus on them, concentrate on them, and really get those right. And for me, doing that in an effective way, having a detailed grasp of what’s going on, is incredibly important, being in the details. It’s at a scale where it’s hard to know every little thing, but you can really dive into areas and get enough details throughout the year so that when it comes to making those big decisions that you’ve narrowed down and focused on, you can use those details, use your judgment, and trust your instinct to make good, high-quality decisions. It’s the most important thing I do, deciding which decisions to make and getting a high success rate on them.
Put this into practice for me. The big decision we’ve been talking about is whether Okta is going to chase the idea of being the framework for agents in the workforce. That’s a huge market. It is so big that maybe you’re not as worried about SaaSpocalypse as some of the other enterprise CEOs that I talk to, because the market is going to grow so big and we’re going to force-change the company from the top down to make sure that the rate of change is higher and we’re all focused on this opportunity. How did you make that decision? Did you stare at the ocean for a while, and it came to you in a lightning bolt? What was the process there?
I think the high-order bit there is recognizing a world where everything in the stack is going to change. And I think it’s similar to when I started Okta. You never want to exactly follow the past because the past is always… Or history doesn’t repeat, it rhymes. But a lot of it was… I remember in 2009, I was looking at the world and saying, “Hey, there’s going to be a cloud version of everything in the stack, and what are the big unique opportunities there?” And what’s happening with agentic, call it agentic, is that everything is going to be revisited in this agentic world, whether current solutions are going to have agentic capabilities… It’s crazy, like AWS. AWS is the infrastructure business, the most unassailable business. That market, with all the changes with agentic and people building agents and running models, is up for grabs, which is crazy.
All this change and then you just look at what’s going to be required in all this change, and you say it’s… These connections between all these agents and where they’re running, the demand for that is going to be massive because there’s going to be this onrush of agentic capabilities. There’s going to be new stuff that’s built, there’s going to be native vendors that come out of nowhere and take market share, and there’s going to be new markets. And so it’s a macro thing, but now it’s like, “All right, what do you know about the details of your company, Todd? What are you guys good at? You’re good at building something that scales, building something that’s reliable, building something that connects to a lot of different systems. How can you position yourselves in that new market?” And I think those are the big essential things, that’s the bet we’re making.
Take me inside the moment, though, when you’re realizing this happens. Did you write an email? Did you open a Google Doc? Did you just dictate to ChatGPT and say, “Fire off an email from me, agent.” How did that actually work at the company?
Last year, I was in the process of meeting all of our 100 largest customers in person. And the purpose of the meetings was that I wanted to tell them about our vision of this unified identity platform, where we’re the only ones in the industry that have all these capabilities across customer identity, governance, and privilege. And at the same time, the teams were working on agent identity. And in these meetings, I would pitch what I was talking about, and then there’d be interest in, “Oh, we should look at this. We didn’t know how far along you were.” And then I started throwing in this agentic stuff at the end of the meeting. And whenever I would get to that, the people in the meeting would just stop, and they’d be like, “Wait, talk about that some more.”
And then that kept happening and happening until we’re 25, 30 meetings, 40 meetings in, so I would flip it around. We would start with the agents and the new identity type, what customers were thinking about doing with agents, how they’re seeing the potential of the digital worker, agents, and all the confusion, and we wouldn’t get to the other stuff. I remember during our big conference in the fall, it was the last vestiges of the old pitch, followed by the agents. And after that conference, I just said, “Listen, we’ve got to flip this around. People want to hear about the agents, that’s the direction they’re going, and that’s what we need to pivot to and totally focus on.”
All right. Let me ask you my crash-out questions about all of this. Here’s my first one, and you’re a great person to ask this question to because you build a lot of software. You’ve built a company around building software, very bespoke, very complicated software, and you’re trying to sell a lot of software to people who, as you said, would like to replace labor with technology. And there’s a lot there, and I’m looking at the state of the art in AI right now, and I see some cool stuff happening, and I find myself constantly wondering, can the LLM technology we have today, that is a foundation of all of these AI systems, can it bear the weight of our expectations? Can it actually, on any reasonable timeline, do all of the things that people think it can do?
Because I can see it doing some things, and then I see it just hit walls over and over again. And I say, “Well, if it’s brittle, people are not going to adopt it because that brittleness is exactly where you want a human being to just be available to overcome whatever boundary the AI is going to find for itself.” And I can give you examples, but I’m curious if you see that broadly and if you think the technology can actually develop to the point where the market becomes as big as what you’re describing.
Absolutely, the technology can develop. I think there’s a lot of wild extrapolations going on right now, but I think that even if you don’t meet the wild extrapolations people are talking about, the market is still massive. And I think it’s going to take a lot of innovation, good product work, good engineering work, and good process work to make sure that we can achieve these benefits even though it’s not some wild extrapolation of some magic LLM that can do everything in the world.
I see one example. Every software developer I know, especially the senior ones, who are like, “I’m now just describing software.” I’m just writing-
Yeah, that’s a great example. That’s a great example. Now, I believe that is very real and very powerful. But I also believe that there’s going to be more software engineers in five years than there are now. And the reason I believe that is not because I think those people are wrong, but I think what’s going to happen is, first of all, there’s just way more software that we need to build that can be built. And two, what’s going to happen is the software engineers are going to be figuring out how to make it work at scale, how to make sure that systems can be maintained, how to make sure we understand what they actually built, and we need to modify them for the next way….
No one has ever maintained an agentically developed system for five years. No one has ever figured out how to make it scale. No one has ever figured out… That’s where all the work is. And when you combine that with the idea that we’re going to build 10 times more software, that adds up to more people being required to do it. I think both can be true.
Where are those people going to learn how to do it? You’ve already described this, the traditional career path, the traditional org chart is breaking down. I think Meta announced that one manager will now oversee 50 ICs. When I say we’re on the cusp of some wild org charts, that’s what I mean. Some very strange corporate structures are going to blossom here. If the problem is, “Okay, no one has ever maintained an agentic system for five years, and we need more developers to do it.” Where are all those developers going to learn the skills to evaluate the code that agents are writing and deploying, and saying, “Okay, you got it wrong. Here’s how you need to maintain it.”
I think it’s maybe not what everyone says because people like to extrapolate and say everything in the world is changing, the education system is going to change, everything is going to change. I think a lot of the things where people learn, they’ll learn like in college. I think we’ll still teach computer science, it’ll just be different. Just like 50 years ago, we didn’t teach modern compilers; we taught machine code and assembly. And so now, we’ll teach how to coordinate agents and how to architect systems and how to… You’ll probably take some Java development classes, like when I was in college, I took machine code classes to understand how it really works under the covers, but you have to learn the new way. It’s modernization, it’s a new challenge… You’ll have to learn new challenges. And I think it’ll be better because we’re going to learn how to build stuff at scale, not just in terms of the amount of load it can handle, but build a large complex system at scale. Learning that in college, learning that on the job, and people who are early in their careers are leveling up.
There’s also this narrative out there that “Oh, we don’t need any entry-level developers anymore.” I’m very, very… That’s a bad mindset to have because, first of all, those are the people who are probably most open to doing things differently; they’re the least set in their ways. I think entry-level folks will learn how to use these tools and command these workflows to do things at scale in a way that people who learned 10, 15 years ago didn’t.
When I think about the value of agents going out in the world, as you’ve described, they need access to a lot of data. The notion that my company has a bunch of disparate databases and that I should hire an agent to go look at all those databases, put them together, and use the software. The thing that gets me about that every time is the notion that they’re going to build software because I’m not sure they’re building software for anyone… Because I’m not sure the agents are building software for anything but agents to use, and at some point, that software just gets very specialized and very narrow, and it is access to the databases that becomes the most valuable thing.
One of our own designers here at The Verge said to me right before I came to talk to you, he heard I was talking to you, and he said, “All software development in 2026 is just calibrating the interface between your brain and a database.” And right now, all AI development is like, “Would you like to just chat with this database?” And the answer in the enterprise appears to be yes, like, “Let me just talk to my analytics database directly like a person, and it will give me some insights.” And the answer in consumer maybe is no, Google Photos just walked back its AI search because it turns out people prefer the regular search. And I don’t know which one is going to win out over time and where habits for everybody across work and their personal lives will change, but the notion that the database is the important thing and that’s where the value is, because anybody can ask an agent to go make up a bespoke piece of software to do some business function.
Doesn’t it seem likely that the database vendors will just raise their prices, increase the barriers to access, or find other ways to extract more value from having that data? Because that’s what all the agents really need access to.
Well, I think there’s data, and then there’s intelligence. And I think a lot of the intelligence has been codified in the application. The raw database is not that helpful. When you say you want to talk to the database, what you’re really saying is you want some kind of analysis or intelligence done by something, you don’t want to have the ones and zeros and gigabytes of data coming at you. You’re really talking about intelligence.
And that’s the big debate about SaaSpocalypse: who’s going to do that intelligence? Is it the app vendors we have now? I mentioned the data warehouse companies like Databricks, Snowflake, and Palantir; essentially, they’re selling some kind of intelligence, the valuable part of their business is not the ones and zeros. The question is like, “Who’s going to do the intelligence?” And I think that the application companies are going to add some to their capabilities, and there’s going to be new ones. And there’s going to be new ones where that intelligence actually becomes work, not in the sense of app work, but in the sense of work people would have done.
Again, when I’m saying I’m having an existential crisis, as a tech journalist, I have understood software in one way for my entire career. It’s been a pretty good career because the software industry and the tech industry have grown so fast in the 15 years since we started The Verge. But every conversation I’ve had at Decoder over the past few months is with some CEO of a Web 2.0 company that put a beautiful mobile app interface on top of a database, and that thing felt like the application, and they built huge businesses on top of it. And you can describe this in all kinds of ways. We just had the CEO of Zillow on. Zillow is just a beautiful interface to a database, and that’s a really good business for them. I’m asking if you have agents and you’re like, “Go find me a house and order me a sandwich.” You’re going to end up in a place where it might just want to use Zillow, or it might want to cut Zillow out and go directly to the underlying database.
Or Zillow might build the killer agent.
Or Zillow might build the agent. And I’m just not sure how any of that plays out because what you’re really doing is unbundling the data and the intelligence that acts upon the data, and the interface to that data, into three very different things. And everybody still wants to make money and not go out of business. You’re sitting right at the center of it, you’re providing access to everyone. How do you see that playing out right now?
Well, I think the connections are very important because the app needs to… And I think a different way to frame what you’re saying is that there’s an unbundling, and there’s a data layer, an intelligence layer, and a front-end layer, but what also is happening is that it’s all getting more connected. We think of an app, a database, and a user interface as one thing. But as that unbundling happens, what is really happening is all the apps that you thought were in various silos are connecting to each other. And that’s because there are agents on top of them that are connecting to all those silos. The apps themselves are becoming more agentic, and Okta as a company… This is why I’m so excited about this agentic identity and these guardrails we’ve talked about.
It’s also why this needs to be standardized in the industry. There’s no good standard for how… We have pretty good standards now for how… When you single sign-on into your applications, how that interaction works between you and your browser, your phone, and the applications — there are no good standards for how agents connect to a bunch of other systems where they need to get their data. So, there’s some standardization that’s required here, too. But zooming out, it’s like, “Isn’t it exciting? It’s such a challenge.” It’d be much easier if things had just stayed the same, and we could keep in our own little lanes, and our success would be more assured.
I agree it’s exciting, especially because I think we’re going to see a wave of new companies and new ways of thinking. And certainly we’ll see new ways of computing, which is why The Verge exists. We were built around the concept that mobile phones would be important, which, when we launched the site, was not… People were like, “What are you talking about?” It’s hard to even say now, but this was a real thing that we said that we got question marks around.
I think that what I would temper that with is when I have CEOs on the show, and they say, “Companies are interested in replacing their labor budgets with technology budgets.” That is a pretty huge threat. When we talk about how much work will be automated by running around the agents and doing intelligence, one, I wonder, well, who will be spending all that money if no one is making any of that money? And then I think very importantly — this comes back to me asking about whether LLMs can do it — I wonder if any new ideas will be generated in that process at all if we’re just going to automate our way into something that seems pretty boring. We’re just going to run a bunch of business logic, and no one at the bottom who is actually operating a business logic will think, “Oh, I could do this 10 times cheaper if I start my own company.” And go start a new company. There’s something about all of that that I think, and I hear from our audience, is that’s why AI polls as badly as AI polls, even though the opportunities look exciting.
Well, there’ll be a wave of people building agentic systems to do the jobs people do now, or help people do the jobs people do now, then there’ll be another wave of things that are automating processes that weren’t possible before. We’re still in the early parts of that second phase where we’re thinking about, “Hey, we could build this new set of digital workers, and we’re going to get productivity.” We really haven’t gotten to the point where we question, “What is the process that should be happening in all these workflows if it could just be agentic from the start?”
Okta has announced a blueprint for agentic enterprise; it’s basically got three big pillars. It’s how to onboard agents as an identity, which I’m very curious about, and how you think about the difference between agent identity and an actual person. Two, standardize connection points, which you’ve talked about a little bit. And then lastly, this one is great, which is to provide a kill switch in case your agents go rogue.
Talk to me about the first one. You want to create a new identity for agents in the workforce on your network. What does that look like? How is it defined differently from an employee or a person?
Well, agents are a new identity type, and it’s like a combination of… It has some attributes of a human identity and some attributes of just a system, and it’s basically a hybrid of both. And so from a definition perspective, it’s pretty simple. I think where it gets interesting is that it becomes a map that centralizes the list of agents from all your vendors. It can represent agents from all the big platforms. It gives you this central way to keep track of it all. And that’s what companies are struggling with: they hear all the announcements, and they’re very excited about this. They just need a place. “Hey, bring it in centrally and let me see what I have. And now once I see what I have, I can…” Some of these things are very much, “Hey, they’re just one-to-one with people.” Some of them are a set of multiple agents that work with one person. Some of them are totally headless, and they’re just on their own thing, automated with some things, and they need a human in the loop. And you can start to organize things that way.
But it’s all framed in this concept of mapping across different silos. You have agents you’ve built yourself, you have platforms you’re using like Amazon, Microsoft, or Google. You have big apps you’re using, like Salesforce and ServiceNow. It lets you centralize all that in a way that doesn’t lock you into one of those silos. And then, as you said, it can help you say, “All right, all these things unequivocally need to connect to more things. And I can control where they connect to, when they connect to that data warehouse, what permissions they have in that data warehouse, and then across all the different various technologies.” Then, as you said, stuff is going to go wrong, and there’s going to be issues, threats, and prompt injection. And when that happens, it gives you the ability to essentially pull the plug, take the connections away in terms of like, “Oh, this agent is doing something we didn’t expect. Now, what we can do is we can pull away its connections.”
How do you detect whether it’s doing something you didn’t expect?
We don’t have a magic solution to that because it depends on the point of the agent, and that’s dependent on the person who wrote the agent and the system it came from. But we’re working on standards for people to raise that issue, from a technical sense, like raise an alert and have the other elements of the system respond to that.
Is the kill switch just we’re pulling your access, you’re fired, get your stuff, and go?
It’s pulling the access to everything the agent can access, not access to the agent.
Right. It’s just saying we revoked all your passwords.
Shut it down. Yeah, exactly.
You’re out of the system now.
It’s almost like you would take a machine off the network.
When you say that the agent identity is somewhere between a person and a system, go into that in more detail. What specifically do you mean?
When you think about having a system that controls what something has access to, a lot of it is very similar to a person, meaning that just like you would give a person access to applications and then inside of those services and applications, you would say, “Here’s their role, here’s their group, here’s their profile.” That’s a lot of the way these agents are being built and modeled. The reason it’s not like a person is that you have a relationship between the people and the agents in a way that they’re on behalf of, and you want to always take the identity of the person and pass it to the agent and have it use that. And sometimes you want the agent to have its own identity and the systems that talk to do their permissions based on what the agent is, and then it goes back to the person as a human in the loop.
There are different patterns, so that if you actually look at the physical directory of agents, some of the elements are very much like a person. Some of them are only because they’re these agents that can be on behalf of people, or they can be connecting to other agents, and they’re more like systems versus people.
When you look at how the agents operate, you can go look at the chain of thinking at any one of these systems; a lot of times, they’re just talking to themselves in weird ways. I feel like you’re provisioning identity. Obviously, Okta doesn’t think about identity in the most deeply philosophical ways, but Anthropic is very happy to hint that Claude is alive. When you think about it, “Okay, I’m a provider of identity to these systems that are a hybrid between people and something else.” Does it ever occur to you that they might be reasoning in a way that is more human or not, or that you need to address that in some way in the architecture of how you give permissions to them?
We’re pretty pragmatic about it, meaning that we know that the behavior of these systems is non-deterministic and you have to… It’s all about getting this balance right between giving it flexibility to what data, systems, and things it can access and do, and what operations, but then having the ability to rein it in when it goes too far. And I think that’s the right… Ultimately, that’s the right way to balance the effectiveness of these systems and the risk. There’s no free lunch; you have to give it the data if you want it to be effective. And you have to decide if you have zero tolerance for non-deterministic behavior. You can’t give it the data, you can’t give it the permission. And so that’s the balance that we’re helping customers strike.
How do you think about… Okta sits in the middle. You were talking about Salesforce, which has its own agents; there are other vendors that have their own agents. They are not going to want those agents to work across their databases. This comes back to what I think is the central challenge here, and the reason why something like OpenClaw was able to be so powerful so quickly, because it had nothing to do with any of those companies or those platforms. It was just clicking around their browser as though it were an actual person.
It was like a cannon shot out of nowhere. Yeah. Yeah.
Right. And it was because there was no security built into it. And instead of acting on behalf of a person, it just represented itself as a person, and it was off to the races. And Salesforce can’t keep an actual human user from using a different system or orchestrating in their own head, right?
Well, when you build the agents inside the corporate network, you can absolutely do those things, and Salesforce can absolutely write a terms of service that says, “We don’t want the agent from your rival vendor using our system as well.” Are those just politics? Is that negotiation? How is that going to work?
I think there’s only one thing, it’s customers. Customers will have the leverage eventually. And if the customers in a market mechanism don’t have leverage, the government will step in and do antitrust. The reason we have a software industry, do you know why we have a software industry? Because customers finally got fed up with IBM and said, “You have to sell software, operating systems, and applications independent from the hardware.” This is 50, 60 years ago, 70 years ago, IBM is like, “There is no software, there are no applications, there’s this IBM box, and you get it, and we are technology.” And customers want a choice, and finally, the government stepped in and said, “You’ve got to split it up. You’ve got to have operating systems, you’ve got to have hardware, you’ve got to have software.”
And so I think a similar thing, it’s, yeah, of course… Every big vendor that’s trying to protect their entrenched things, whether it’s Microsoft with their new bundle where they’re trying to lock everyone in, they’re going to say, “It all has to be on our thing, and you can’t use other agents against our agents because our agents are better because they have our data and our workflow.” And ultimately, it’s going to be customers that demand change, and if there’s so much monopolistic lock-in, then we have to rely on regulators to come in and fix it.
Well, I do think this is history that you’ve just made. You’re the first CEO of a multi-billion-dollar enterprise software company to advocate for vigorous antitrust enforcement at Decoder, so I’m just going to hold that close to my heart. I do think-
If the market doesn’t work, customers can’t force the choice.
I do think the pre-Reagan antitrust environment that led to IBM being unbundled is very different from today, but we will set that aside.
But I did impress you with my historical reference.
It was very good. Again, the reason I didn’t answer your question correctly is that I’m very surprised that you went to antitrust. That doesn’t usually happen on the show. Isn’t there going to be just some weird pricing war in the middle of all that, where Microsoft says, “Sure, let your other vendor’s agent into 365. We’re just going to charge you a massive access fee to do it.” And…
Yeah, I think that’s very likely. Yeah.
Do you see that playing out now, or do you just see it on the horizon?
Not yet. It’s still very early. If you think of… What is happening now is that people are just getting familiar with the… Call it the siloed agents. They’re just getting familiar with the agents in Microsoft or the agents in Salesforce. We’re not really to the phase yet of multi-silo agents, agents that can go from stovepipe to stovepipe and do these… In cases there are, but that era is still ahead of us. And I think as you get more into that era, some of these issues have become more significant.
And again, just to bring this back to OpenClaw, which I think most of the audience is probably most familiar with, that is the promise of that system. That’s why it lit everyone’s brains up because it was running from system to system, doing some logic, and coming up with some outcomes. Again, the problems that-
The thing about that, and I think a lot of these trends and ideas, is to remember that no one cares about the infrastructure, no one cares about the… Well, this is obviously a dramatic statement. I’ll explain what I mean. But people care about the app in the sense that they care about what it can do. And the reason why OpenClaw was such a lightning in a bottle is that they saw what was possible, they saw what it could do. Now, the fact that it had to do that by connecting to all these systems, and it required access, and there were security issues, it’s like that’s infrastructure and people… Once their mindset gets set on the possible, then it’s up to industry to figure out how it all works under these covers, but people care about the possible in the apps. And I think that you’re going to see it ripple through… As I said, I thought it was the ChatGPT of agents, and it’s very exciting.
You’re saying now is the time to build the guardrails up to make sure these actually work.
Can I ask you about the flip side of that? The promise of agents broadly, AI maybe broadly, is that we will remove these intermediaries. The thing I keep saying is that your computer will just go access the databases all on its own, and you don’t need these app intermediaries or whatever, and we’re going to reshape the app economy.
Then I look at how there’s a bunch of scammers online who are just setting up fake hotel service numbers, calling grandparents, stealing bookings with AI receptionists by just doing SEO hustles, and collecting pennies. And Okta has a role to play there, too, by saying, “Okay, this is fraud, this is a scam. You shouldn’t hand over your identity here.”
I’m not sure anyone is paying attention to that, but I see it ballooning every day, just AI-powered scams, frauds, and identity theft. The idea that someone is going to call me and verify me by voice is under threat by AI in very specific ways. How do you see the flip side here of making sure that the core business that Okta is in, which is making sure it’s a real person doing the thing they’re supposed to do at the right time, isn’t just totally upended by the amount of AI-powered fraud that’s occurring?
Forty percent of our business is authenticating and validating customers, logging into customer websites and mobile apps, and this area is changing a lot with AI as well. And I think what you’re seeing is that the offline identity, driver’s license, passports, these are rapidly digitizing. I think it’s coming at a great time, too, because it gives us something to offer people who really want to do a better job differentiating between agents, OpenClaw, bots that log into their sites, and real people. So, as the offline identities digitize, people have mobile driver’s licenses, the smartphone wallets are getting pretty capable now, and you can do fancy things. Just like you do Apple Pay, you can do biometric authentication on your mobile driver’s license, and then that becomes a very powerful thing to present to a website that will actually prove you’re a person, or in a better sense than was possible before.
It’s a big deal. People need to really know in certain use cases when it’s an agent, when it’s a bot. It’s like this bot problem is not new; it’s an old problem on Twitter/X, and Elon Musk is on trial for talking about bots and how many bots there were. And now I think with AI, it’s becoming supercharged. I think with what we have with these national IDs, passports, and mobile driver’s licenses being digitized, we might have a shot at actually bringing some sanity to that world.
There are some real debates there about privacy, about surveillance, about-
Yeah. What does that mean to actually digitize identity from a credentials perspective?
Yeah. Are you guys in that mix? Is that something Okta is actively thinking about, or are you waiting for that to sort itself out politically?
Well, governments are deciding, and governments are deciding that they want to digitize, they want to issue these passports and these national IDs. And in Europe, there are certain standards across the EU. In the United States, it’s very much at the state level. Our customers are really excited about it, and we’re giving them all the capabilities to take advantage of this stuff. Without really specific judgment about how they should do it, we’re just trying to equip them to make sure that they can accept all the regulatory requirements and also all the identities and the digital formats that their users and their citizens want. And so it’s a big part of our future, and we’re working hard on that.
Right next to that is a big fight over age verification in the United States on the app stores and who gets to use what apps. Discord just had a big controversy because they went to an outside vendor. People had a lot of feelings about that outside vendor, and Discord rolled that back. Are you seeing any of that controversy come your way around age verification?
We work with the vendors that are trying to log people in, and they want the best tools and technologies to do age verification. We’re going to make sure we equip them with that.
Technically speaking, it’s often not a technical issue. It’s what ID system do you trust, and is there an ID system for someone that’s 12, 13, 14 years old? And so I think one of the challenges has been out of the scope of a lot of the driver’s license-based or passport national ID-based discussions. But I think that’ll be a use case that’ll be covered, I think, by governments fairly quickly.
Do you think it’s possible to do age verification and still protect people’s privacy?
Go ahead. How do you start to bounce?
There are technical solutions. There are also process and regulatory parts of it. I think ultimately the most privacy-preserving thing is no technology, so there’s going to be a trade-off. If you are trying to automate something and you’re trying to bring technology to something, there’s going to be a risk of centralization and privacy controls, but I do think it’s possible to get the balance right.
It seems like that’s just the other front; the computers are going to get way more capable on their own, and then we are very interested in limiting what people can do with computers in very specific ways. And it does seem like you sit in the middle of it. Todd, we’re going to have to have you back. I feel like there’s yet more emotional crash out for me to have with you.
This is fun. This is super fun.
Tell people quickly what’s next for Okta, what they should be looking for.
I think they should be thinking about how they build the secure agentic enterprise, and how they can use the blueprint we’re proposing to the entire industry, and how to make that possible. And we’re excited to work with everyone in the industry, and particularly the tools, technologies, and products we’re going to be building to make sure that reality comes to fruition.
Amazing. Well, like I said, we’re going to have to have you back to see how all this is going because it feels like it’s going to change really fast. Thank you so much for being on Decoder.
Questions or comments about this episode? Hit us up at decoder@theverge.com. We really do read every email!
Decoder with Nilay Patel
A podcast from The Verge about big ideas and other problems.



