Skip to content

SEP-990: Enable enterprise IdP policy controls during MCP OAuth flows #990

New issue
New issue
Closed
Closed
SEP-990: Enable enterprise IdP policy controls during MCP OAuth flows#990
Assignees
aaronpkpcarleton
Labels
SEPacceptedSEP accepted by core maintainers, but still requires final wording and reference implementation.authawaiting-sdk-changeenhancementNew feature or requestextensionfinalSEP finalized.security
@pcarleton

Description

@pcarleton
pcarleton
opened on Jul 17, 2025

SEP-990: Enable enterprise IdP policy controls during MCP OAuth flows

Title: Enable enterprise IdP policy controls during MCP OAuth flows
Authors: Aaron Parecki (@aaronpk)
Status: draft
Type: Standards Track
Created: 2025-06-04
PR: #646

Abstract

This extension is designed to facilitate secure and interoperable authorization of MCP clients within corporate environments, leveraging existing enterprise identity infrastructure.

  • For end users, this removes the need to manually connect and authorize the MCP Client to individual services within the organization.
  • For enterprise admins, this enables visibility and control over which MCP Servers are able to be used within the organization.

How Has This Been Tested?

We have an end to end implementation of this here, and in-progress MCP implementations with some partners.

Breaking Changes

This is designed to augment the existing OAuth profile by providing an alternative when used under an enterprise IdP. MCP clients can opt in to this profile when necessary.

Additional Context

For more background on this problem, you can refer to my blog post about this here:

Enterprise-Ready MCP

I also presented this at the MCP Dev Summit in May.

A high level overview of the flow is below:

sequenceDiagram
    participant UA as Browser
    participant C as MCP Client
    participant MAS as MCP Authorization Server
    participant MRS as MCP Resource Server
    participant IdP as Identity Provider

    rect rgb(255,255,225)
    C-->>UA: Redirect to IdP
    UA->>+IdP: Redirect to IdP
    Note over IdP: User Logs In
    IdP-->>-UA: IdP Authorization Code
    UA->>C: IdP Authorization Code
    C->>+IdP: Token Request with IdP Authorization Code
    IdP-->-C: ID Token
    end

    note over C: User is logged<br>in to MCP Client.<br>Client stores ID Token.

    C->+IdP: Exchange ID Token for ID-JAG
    note over IdP: Evaluate Policy
    IdP-->-C: Responds with ID-JAG
    C->+MAS: Token Request with ID-JAG
    note over MAS: Validate ID-JAG
    MAS-->-C: MCP Access Token

    loop
    C->>+MRS: Call MCP API with Access Token
    MRS-->>-C: MCP Response with Data
    end
Loading

Important

State: Ready to Review

Metadata

Metadata

Assignees

Labels

SEPacceptedSEP accepted by core maintainers, but still requires final wording and reference implementation.authawaiting-sdk-changeenhancementNew feature or requestextensionfinalSEP finalized.security

Type

No type

Projects

SEP Review Pipeline

Status

Accepted
2025-11-25 Implementation

Status

In progress

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions