Posts about "OAuth/OIDC"

MCP enterprise-managed authorization (EMA) lets the corporate identity provider decide which MCP servers employees can reach, with no per-server consent prompts. A practical, spec-accurate guide to the ID-JAG flow with a build checklist, and a hard line between what EMA secures (the connection) and what it leaves to you (per-action authorization).

Agent Access Control: Pilot → Production, Part 1 of 6. Why production AI agents must execute on behalf of a human or service identity, not with a shared "agent token." Introduces Subject/Actor/Authority and per-action scoped access for auditable tool calls, plus the Identity Mesh concept for consistent per-action policy decisions across tools.