← back
(possible dupe but better sound) What does Enterprise Ready MCP mean? — Tobin South, WorkOS
Takeaway
Enterprise-ready MCP requires bolting standard identity, OAuth scopes and audit layers onto remote MCP servers, including multi-hop agent delegation.
Summary
- WorkOS's Tobin South (Stanford AI safety) defines enterprise-ready MCP: identity, scoped authorization, audit, multi-tenant policies for remote MCP servers.
- Maps existing enterprise security primitives — SSO, SCIM, OAuth — to new MCP topologies including agent-to-agent and IT-admin spun-up async workflows.
- WorkOS sells the auth/permissions glue to AI labs so they can ship enterprise MCP without rebuilding identity infra.
- Calls out unsolved problems around delegating user-scoped permissions through multi-hop agent chains.
mcpenterprisesecurity
Original description
Everyone is building MCP servers: from Slack integrations to personal data tools. They're good demos, but not ready to turn into production. So, what does it take to make MCP *enterprise-ready?* We're going to cover the end-to-end process of getting a hacky MCP server authenticated, permissioned, and secure. We'll talk about registries, SSO, audit logs, agent identifiers, autonomy for agents, and oversight. Oh and we'll use MCP to buy some stuff. Come learn the stack needed to scale your MCP to the enterprise and some fun hacks along the way. --- Tobin is a PhD from MIT, a fellow at Stanford as the research lead of the Safe and Useful AI Agents initiative, and the head of AI agents for WorkOS. He's an experienced speaker having presented at events from AI conferences through the world economic forum.