⚙️ How to make MCP servers enterprise-ready
Good Morning.
Welcome to this special edition of The Deep View, brought to you in collaboration with Descope.
The role of authorization in making MCP servers production-ready
The Model Context Protocol (MCP), created by Anthropic in Nov 2024, provides a framework to standardize how LLMs (i.e. MCP clients) can connect with external tools and systems (i.e. MCP servers). Just a few short months later:
✅ 1000s of MCP servers
✅ Adopted by OpenAI, Microsoft, Google, Figma, Brave, GitLab, and many others
✅ Boasting an active contributor community and strong roadmap
However, developers building remote MCP servers run into a lot of authentication and authorization challenges. Today’s edition will cover the evolution of MCP and auth, what the spec recommends in terms of authorization, and developer best practices.
The evolution of MCP and auth
The more one digs into MCP authorization, the more there is to do.
OAuth is a complex standard with several nuances that, if not taken care of, can lead to vulnerabilities and compromise.
The MCP specification is constantly evolving, and there are already serious discussions about adopting newer standards such as Protected Resource Metadata (PRM) and additional OAuth grant types.
Registering clients dynamically is a challenge. It requires supporting Dynamic Client Registration (DCR) and Authorization Server Metadata (ASM); both are part of the OAuth family of specs, but they leave developers with many open questions and extra sprints of work.
Governing fine-grained access is tricky. Just becoming OAuth-compliant doesn’t solve all authorization challenges. Developers need to think about defining tightly scoped access control for MCP clients, providing visibility to end users and IT admins to give consent in B2C or B2B settings, and adding mechanisms to revoke consent when the need arises.
Developer tips for MCP authorization
If you’re building a remote MCP server and adding authorization in-house, here are some tips:
Separate authorization servers from resource servers. Treat the MCP server as a Resource Server only, and use an external, dedicated authorization server for OAuth flows.
Point MCP clients to an external authorization server. If you have an existing IdP (Identity Provider), configure your MCP server to advertise that issuer’s metadata rather than hosting its own.
Implement function-level scopes for better agent experience (AX). MCP tool calls may not map one-to-one with APIs, so scopes should be validated at the tool or function level.
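The three tips together, as an added example that is neither Descope's nor the MCP project's code: the resource-server side of an MCP server that only advertises an external issuer and checks per-tool scopes. The authorization server URL, resource URL, tool names and scope names are placeholder assumptions, and the token signature check is stubbed (the function receives already-verified claims).

```python
from dataclasses import dataclass
from typing import Optional

AUTH_SERVER = "https://auth.example.com"  # placeholder: external IdP / authorization server
RESOURCE = "https://mcp.example.com"      # placeholder: this MCP server's resource identifier

# Tip 3: scopes are defined and enforced per tool, not per backing API.
TOOL_SCOPES = {
    "read_calendar": {"calendar:read"},
    "create_event": {"calendar:read", "calendar:write"},
    "delete_event": {"calendar:write", "calendar:delete"},
}


def protected_resource_metadata() -> dict:
    """Tip 2: the RFC 9728 Protected Resource Metadata document this server
    would serve at /.well-known/oauth-protected-resource. It points clients at
    the external issuer instead of hosting an authorization server itself."""
    return {
        "resource": RESOURCE,
        "authorization_servers": [AUTH_SERVER],
        "scopes_supported": sorted(set().union(*TOOL_SCOPES.values())),
        "bearer_methods_supported": ["header"],
    }


@dataclass
class Decision:
    allowed: bool
    status: int
    www_authenticate: str = ""  # value for the WWW-Authenticate header, if any


def authorize_tool_call(claims: Optional[dict], tool: str) -> Decision:
    """Tip 1: the MCP server is a pure Resource Server. It accepts only tokens
    issued by AUTH_SERVER for RESOURCE and never runs OAuth flows itself.
    `claims` is the verified JWT payload; signature validation is elided here."""
    prm = f'resource_metadata="{RESOURCE}/.well-known/oauth-protected-resource"'
    aud = claims.get("aud", []) if claims else []
    aud = [aud] if isinstance(aud, str) else aud  # "aud" may be a string or a list
    if claims is None or claims.get("iss") != AUTH_SERVER or RESOURCE not in aud:
        # Missing or foreign token: 401 plus a pointer to the PRM document
        return Decision(False, 401, f"Bearer {prm}")
    if tool not in TOOL_SCOPES:
        return Decision(False, 404)
    missing = TOOL_SCOPES[tool] - set(claims.get("scope", "").split())
    if missing:
        needed = " ".join(sorted(TOOL_SCOPES[tool]))
        return Decision(False, 403, f'Bearer error="insufficient_scope", scope="{needed}"')
    return Decision(True, 200)
```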
MCP is an ever-evolving protocol, so if it seems daunting to keep up with, there’s another way forward…
Add OAuth to MCP servers in three lines of code
The Descope MCP Auth SDKs and APIs help developers easily add OAuth-based authorization to their remote MCP servers.
With just a few lines of code, you can plug enterprise-grade OAuth flows into your MCP server—supporting PKCE, dynamic client registration (DCR), authorization server metadata (ASM), consent management, and more.
To see Descope MCP Auth SDKs and other agentic use cases in action, visit our demo microsite.
Start using MCP Auth SDKs today by creating a free Descope account – no credit card (or password) needed.