On Hacker News

Zero-Touch OAuth for MCP

Read the full article on blog.modelcontextprotocol.io
192 points · 64 comments · 1 notable voice

The 5-second version

  • The Enterprise-Managed Authorization (EMA) extension is now stable and enables organizations to centrally manage MCP server authorization through their identity provider, eliminating per-user OAuth flows.
  • End-users get zero-touch setup: MCP servers are automatically connected on first login based on existing group membership and roles, with no individual consent screens or per-app configuration.
  • The technical flow involves the client obtaining an Identity Assertion JWT Authorization Grant (ID-JAG) from the IdP during SSO and exchanging it for an access token from the MCP server's authorization server.
  • Early adopters include Okta (identity provider), Anthropic's Claude products and Visual Studio Code (clients), and server providers including Asana, Atlassian, Canva, Figma, Linear, and Supabase.
  • Developers can implement EMA by reviewing the specification at the Enterprise-Managed Authorization page, exploring the ext-auth repository and draft spec, and joining the EMA Interest Group for collaboration.
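The two-leg flow in the third bullet, modelled as an added example (not code from the MCP project or the article): the IdP mints an audience-bound ID-JAG during SSO, and the MCP server's authorization server verifies it before issuing its own access token. Claim names follow the IETF identity-assertion authorization-grant draft as understood here and are assumptions, as are the URLs, keys and approved-client list; HS256 with a shared secret stands in for the IdP's real asymmetric key so the model runs offline.

```python
# Added illustrative model of the ID-JAG exchange; not MCP project code.
# Claim names follow the IETF identity-assertion authz-grant draft as understood
# here and are assumptions, as are all URLs, keys and client ids (constructed).
import base64, hashlib, hmac, json

IDP_ISSUER = "https://idp.example.com"          # constructed IdP
MCP_AS_ISSUER = "https://mcp-as.example.com"    # constructed MCP authorization server
IDP_KEY = b"constructed-idp-signing-key"        # shared secret stands in for IdP key
ALLOWED_CLIENTS = {"claude-enterprise-client"}  # clients the admin has approved
_seen_jti: set = set()                          # replay cache for consumed grants

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def sign_jwt(claims: dict, key: bytes, typ: str) -> str:
    header = _b64(json.dumps({"alg": "HS256", "typ": typ}).encode())
    body = _b64(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64(sig)}"

def idp_issue_id_jag(user: str, client_id: str, now: float) -> str:
    """Leg 1 (IdP, during SSO): short-lived grant bound to one AS and one client."""
    claims = {"iss": IDP_ISSUER, "sub": user, "aud": MCP_AS_ISSUER,
              "client_id": client_id, "jti": f"jag-{int(now * 1000)}",
              "iat": int(now), "exp": int(now) + 300}
    return sign_jwt(claims, IDP_KEY, "oauth-id-jag+jwt")

def mcp_as_exchange(id_jag: str, now: float) -> dict:
    """Leg 2 (MCP AS): verify the grant, then mint an access token or reject."""
    header, body, sig = id_jag.split(".")
    # Algorithm and key are fixed server-side; the header's alg is never trusted.
    expected = hmac.new(IDP_KEY, f"{header}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(_unb64(sig), expected):
        return {"error": "invalid_grant", "reason": "bad signature"}
    c = json.loads(_unb64(body))
    if c.get("iss") != IDP_ISSUER or c.get("aud") != MCP_AS_ISSUER:
        return {"error": "invalid_grant", "reason": "wrong issuer or audience"}
    if not (c.get("iat", 0) <= now < c.get("exp", 0)):
        return {"error": "invalid_grant", "reason": "expired or not yet valid"}
    if c.get("client_id") not in ALLOWED_CLIENTS:
        return {"error": "unauthorized_client", "reason": "client not approved"}
    if c.get("jti") in _seen_jti:
        return {"error": "invalid_grant", "reason": "replayed grant"}
    _seen_jti.add(c["jti"])
    token = sign_jwt({"iss": MCP_AS_ISSUER, "sub": c["sub"], "aud": "mcp-server",
                      "exp": int(now) + 3600}, b"constructed-as-key", "at+jwt")
    return {"access_token": token, "token_type": "Bearer", "expires_in": 3600}
```

The checks on the AS side are the ones that make the zero-touch model safe to automate: the grant is only honoured for the intended audience, within its lifetime, for an admin-approved client, and once.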

Top voices

Verbatim comments from the thread's most notable / highest-karma participants.

amluto (notable · 23.9k karma · 3 comments)
I don't think so. The article is all about reducing friction. Suppose I start a conversation and enter some highly third-party-prompt-injectable request, perhaps "Fork github.com/some_third_party/coolproject and submit a PR to do such-and-such." That repo injects a prompt that attempts to do a tool call to steal all my money. If I indeed have a bank MCP configured, I absolutely want to be prompted! Now I realize it's silly for the prompt to look like "Would you like to grant [OpenAI/Anthrop…
brookst (13.9k karma)
I agree that having auth outside of context window is good. But the real value of MCP is adding a semantic layer on top of APIs. Skills are client side and don’t know the server’s capabilities. MCP lets the server explain its API in natural language so clients who have no prior knowledge of the server, its API, or its domain can use it intelligently. I used to think MCP was dumb. I’ve written two large MCP servers, one for CAD and one for music, and I am a complete convert.
rvz (9.5k karma)
This actually looks like a far better use-case for MCPs than the previous per-user, per-server MCP design, which was completely rushed and made no sense. You can tell that with this Anthropic consulted with experts first on the design and implementation rather than vibe coding the spec in isolation. Unless the user themselves is compromised and connects via the Enterprise-Managed Authorization, at least you can remotely revoke permissions / access to reduce that risk. We'll see, but give…
SkyPuncher (8.5k karma · 2 comments)
This is great for normal "apps". We have a really deep need for a lower-touch way for our users to interact with us agentically without setting up MCP. It'd be really great to have some sort of temporary session or out-of-band token storage available. Here's our use case: During the sales cycle, the buyer and seller need to exchange a bunch of information and then analyze it (which is increasingly agentic). The problem with MCP is that the initial setup friction is far greater than users logging in themse…