Okta CEO Todd McKinnon recently sat down for an interview that can only be described as a high-stakes therapy session for the enterprise software elite. Amidst the looming “SaaSpocalypse”—a term that sounds like a low-budget Syfy original movie but apparently keeps $14 billion market cap CEOs awake at night—McKinnon is betting the farm on “AI agent identity.” While the tech world is busy wondering if LLMs can successfully summarize a PDF without hallucinating a new religion, Okta is preparing to give these digital hallucinations their own corporate badges and “kill switches.”

The central argument presented is that we are entering the era of the “agentic enterprise,” where AI agents aren’t just tools but “digital workers” requiring their own identity layer. McKinnon’s primary claim is that these agents exist in a mystical realm between a “person” and a “system.” This is a fascinating assumption, largely because it ignores the fact that an AI agent is, by definition, a system. Calling a script a “hybrid person” is a masterful bit of rebranding designed to justify charging per-seat licensing fees for software that doesn’t have a pulse. If my Python script starts asking for a 401(k) contribution, we have bigger problems than identity management.

McKinnon admits to being “paranoid” about the SaaSpocalypse—the idea that customers will simply “vibe-code” their own tools using Claude or OpenAI instead of paying Okta’s mounting subscription fees. Let’s be real: the “paranoia” here isn’t that a CTO is going to vibe-code a secure, global identity infrastructure on a Sunday afternoon. It’s the fear that the “pie,” as McKinnon calls it, might actually be a balloon losing air. The claim that “vibe-coding” poses a threat to enterprise-grade security is a classic straw man. No Fortune 500 company is going to replace its MFA stack with a prompt-engineered “vibe” unless they are actively looking to be the lead story on BleepingComputer.

Then there’s the “Kill Switch.” Okta’s big innovation for the agentic future is the ability to pull the plug when an agent goes rogue. In the rest of the software world, we call this “revoking an API token” or “disabling a service account.” But in the hype-inflated world of AI, basic access control is rebranded as a “kill switch” to make it sound like McKinnon is personally stopping Skynet from overdrawing the corporate Amex. It’s a solution in search of a problem that we solved in 1998, just with more “agentic” buzzwords.

The most ambitious claim in the interview is that the agent identity market could become the largest category in cybersecurity, potentially dwarfing the current $280 billion spend. This assumes a world where agents outnumber humans 10-to-1 and actually perform meaningful, autonomous work. Currently, AI agents are mostly used for drafting emails that nobody wants to read and generating code that senior devs have to rewrite. Betting the future of a multibillion-dollar company on the “identity” of non-deterministic chatbots feels less like a strategic pivot and more like a desperate attempt to catch the “Decoder bait” trend cycle.

McKinnon also makes the questionable assumption that the “digital worker” layer will be silo-spanning, yet he advocates for “vigorous antitrust enforcement” to ensure big players like Microsoft and Salesforce don’t lock everyone out. It’s a bold move for a SaaS giant to cry for regulators to save them from the very “bundling” tactics that built the modern enterprise landscape. History tells us that Big Tech doesn’t play nice with interoperability unless forced by a court or a massive loss in market share. Expecting a “standardized connection point” for AI agents is like expecting every smartphone to use the same charger—it’s a lovely thought that usually takes a decade of litigation to achieve.

Finally, the interview touches on the “goofy org charts” of the future, where managers might oversee 50 individual contributors and a fleet of AI agents. McKinnon suggests that entry-level developers will simply “command these workflows” rather than writing code. This ignores the “Senior Developer Paradox”: if nobody is an entry-level dev anymore because the agents are doing the “easy” work, where do the senior devs who understand the “agentically developed systems” actually come from? We’re essentially hoping that the next generation of engineers learns how to maintain a nuclear reactor by playing Minecraft.

Okta’s vision for AI agent identity is a masterclass in enterprise pivot-speak. It identifies a real shift in computing but wraps it in enough marketing fluff to simulate a cloud. While Todd McKinnon is busy “mapping the souls” of digital agents, the rest of us will still be waiting for Okta to stop making us log in three times just to join a 10:00 AM Zoom call. If they want to solve the identity crisis, maybe start with the humans first.