AI Model Context Protocol Adds Centralised Auth for Enterprise
Summary
The Model Context Protocol (MCP) team announced on July 06, 2026, that its Enterprise-Managed Authorisation (EMA) extension has reached stable status. This extension introduces a centralized method for organizations to manage access to MCP servers through their existing identity providers, aiming to replace individual per-server consent prompts with a streamlined, zero-touch user experience. Users can now sign in once and access approved MCP servers without further setup. Adopted by Anthropic, Microsoft, and Okta, EMA addresses a major pain point in enterprise MCP deployments by moving authorization decisions to the identity provider. The architecture utilizes an Identity Assertion JWT Authorisation Grant (ID-JAG) to issue access tokens, separating identity policy from the tool call itself. While EMA centralizes connection-level control, it explicitly does not provide runtime authorization for individual actions, requiring separate organizational controls for in-system activities. Support is growing across the ecosystem, including Anthropic's Claude layers and Visual Studio Code, alongside server-side implementations by Asana, Atlassian, and others.
Key takeaway
For AI Architects or MLOps Engineers deploying AI agents in enterprise environments, the Model Context Protocol's Enterprise-Managed Authorisation extension simplifies access management significantly. You should evaluate integrating EMA with your existing identity provider, such as Okta, to enable single sign-on for MCP servers, reducing user friction and centralizing policy enforcement. Be aware that while EMA controls server access, you still need separate mechanisms for runtime authorization of specific actions within systems.
Key insights
Centralized authorization for AI model servers via enterprise identity providers streamlines access and enhances security.
Principles
- Centralized identity providers can manage access to AI model servers.
- Separate identity policy from tool calls for enhanced security.
- Connection-level authorization differs from per-action runtime control.
Method
An Identity Assertion JWT Authorisation Grant (ID-JAG) is exchanged for an access token by the MCP server's authorization server.
In practice
- Integrate EMA with existing enterprise identity providers.
- Implement single sign-on for multiple MCP servers.
- Establish separate controls for in-system agent actions.
Topics
- Model Context Protocol
- Enterprise Authorization
- Identity Providers
- AI Agent Security
- Access Management
- OAuth
Best for: CTO, VP of Engineering/Data, Director of AI/ML, MLOps Engineer, AI Architect, AI Security Engineer
Related on AIssential
Editorial summary, takeaway, and curation by AIssential. Original article published by InfoQ.