Okta (NASDAQ:OKTA) executives outlined how the company is positioning its identity platform amid what they described as a convergence across identity categories, growing interest in cloud-delivered governance and privileged access, and rising customer urgency around securing “agents” in enterprise AI deployments. Speaking in a fireside chat format, Monty Gray, who leads corporate development, and David—who discussed contract metrics and go-to-market changes—also addressed sales structure, product cross-sell, and capital allocation following a newly authorized share repurchase program.
Okta’s role in a converging identity market
Gray described Okta as the “largest independent neutral identity vendor” and framed the company’s value proposition as enabling organizations to “safely adopt any technology” while keeping security central. He said the identity market has evolved from an early focus on enablement—helping enterprises provision users to cloud applications such as Workday or Salesforce—into a more security-focused phase that includes governance and privileged access controls.
Governance traction and the path for privileged access
On product momentum, Gray said Okta has “done extremely well” with its governance offering, calling it a material contributor to new product growth and a strong cross-sell motion into Okta’s installed base of about 20,000 customers. He characterized governance as a natural extension of identity access management that existing sellers can typically cross-sell without significant specialization.
Privileged access, by contrast, was described as “behind the governance one” in maturity due to deployment nuance and the breadth of resource types (such as Kubernetes clusters and databases). Okta uses specialists to support PAM sales in more complex environments, he said.
Gray also discussed deployment dynamics, noting that because Okta is cloud-delivered, the main bottlenecks are often customer change management and policy readiness rather than heavy technology installation. He said customers are seeing “time to value” in weeks or months versus quarters or years associated with more on-prem deployments.
M&A approach, buyback flexibility, and Axiom integration
Following discussion of Okta’s newly authorized $1 billion share repurchase program, Gray said the company remains focused on investing for growth and continues to evaluate tuck-in acquisitions to accelerate roadmap coverage. He framed M&A priorities around expanding:
- User coverage (including contingent labor, deskless workers, and “agents”)
- Resource coverage (from SaaS apps to cloud infrastructure, databases, Kubernetes, and some on-prem systems)
- Use-case coverage (access, MFA, lifecycle management, governance, and privileged access)
Gray cited Axiom as an example of a tuck-in aimed at expanding database resource coverage and adding just-in-time functionality to support privileged access use cases. He said Okta is currently in the “technology integration portion” of the Axiom deal and expects to have something “in early H1” available as part of its PAM offering. On larger-scale deals, he said Okta is “always looking” but does not feel it has to pursue large M&A “right now,” adding that the buyback provides capital structure flexibility and signals confidence.
Cloud neutrality and securing AI agents
Gray emphasized neutrality as a founding principle, arguing that enterprises increasingly need identity that is independent of application silos and cloud platforms. He said Okta’s largest integration is Office 365, which he used as an anecdote that customers adopting major productivity suites still look to Okta to manage identity across broader environments.
He described agentic AI as an accelerant to the same multi-system dynamics: agents may live within applications, orchestrate across stacks, or operate independently, raising the need for a neutral identity layer. Gray said customer awareness is already high and not limited to technology verticals, with CISOs showing both “awareness” and “anxiety” about adopting agents securely. He warned about “shadow agents” that are not governed by an identity system, saying those scenarios can amount to giving agents “overprivileged” or super-user access.
As one customer example, Gray described a financial services firm exploring customer-facing agents. The firm wants agents to interact with customers while accessing sensitive data and internal systems in a compliant way, without exposing information beyond what a given customer relationship should permit. Gray said Okta’s identity controls—policies, entitlements, and reporting—are central to making that automation secure in regulated environments.
He also noted market discussion around securing new AI-related standards and protocols, including Model Context Protocol (MCP), and said Okta has been participating in standards work and has offerings intended to support the identity aspects of MCP.
Monetization pathways and sales execution metrics
On AI agent offerings, Gray said Okta is monetizing products in two buckets: a “build” side and a “manage” side. He positioned Auth0 as a developer-focused identity platform for building applications and customer-facing identity experiences, and said Okta now offers “Auth0 for AI” to support agent building. In parallel, “Okta for AI Agents” is aimed at managing agents within the enterprise. Gray said some customers are adopting both, building internal agents while also managing them through Okta, and he described a “tight story” where agents built with Auth0 can work natively with Okta.
Turning to financial and operating metrics, David discussed Okta’s revenue, remaining performance obligations (RPO), and current RPO (cRPO). He noted that 98% of Okta’s revenue is recurring, making revenue a backward-looking metric while RPO and cRPO are forward-looking. He said Okta continues to steer investors toward cRPO as the best indicator of future subscription revenue.
He attributed divergence between RPO and cRPO growth to longer average contract duration as Okta becomes more enterprise-weighted. He said average duration has historically been about two and a half years, closer to three years for enterprise, and about one year for public sector, with Okta also incentivizing longer-duration deals. David said longer contracts provide more opportunity for account teams to introduce new products and expand usage mid-contract, since customers can expand but typically cannot reduce contracted usage until renewal.
On net retention, David said gross retention has remained healthy and stable for years. He said customers have been more conservative on seat and monthly active user expansion, but Okta has had success upselling and cross-selling newer products, including governance, PAM, security, password management, threat protection, device access, and fine-grained authorization, along with newly introduced AI products. He added that Okta’s go-to-market specialization—implemented at the beginning of fiscal 2026—has produced positive results, contributing to incremental sales capacity increases starting in Q2 and continuing in Q3. David said Okta has “completely lapped” the COVID-era downsell headwinds tied to the zero-interest-rate period roughly three years ago, describing the gross retention recovery as a “slow stabilization” rather than a sharp V-shaped rebound.
He also highlighted new “workforce product suites,” which he described as a bundling approach (“good, better, best”) intended to simplify selling, broaden customer exposure to more tools, and create a pathway to upsell over time. On sales execution, David said Okta is focused on maintaining strong productivity and avoiding overhiring, noting that account executive tenure is at multi-year highs and AE attrition near multi-year lows.
About Okta (NASDAQ:OKTA)
Okta, Inc is a publicly traded provider of identity and access management solutions, headquartered in San Francisco, California. Founded in 2009 by Todd McKinnon and Frederic Kerrest, the company completed its initial public offering in April 2017. Under the leadership of McKinnon as chief executive officer and Kerrest as chief operating officer, Okta has grown into a leading vendor in the cybersecurity space, focusing on secure user authentication, single sign-on and lifecycle management for digital identities.
At the core of Okta’s offering is the Okta Identity Cloud, a suite of cloud-native services that enable organizations to manage user access across web and mobile applications, on-premises systems and APIs.
