AI/TLDR

Model Context Protocol · 2026-06-18 · major

MCP Enterprise-Managed Authorization — zero-touch OAuth for Claude, VS Code, Linear

Enterprise-Managed Authorization, an MCP extension, is now stable. Admins provision MCP servers once through Okta and users get every connector on first login with no per-app OAuth. Claude, VS Code, Linear, Figma, Asana, Atlassian and Supabase ship support; Ramp is live with 2,000 users.


MCP's new Enterprise-Managed Authorization extension stabilizes — admins authorize MCP connectors once through Okta, users skip per-app OAuth.

Quick facts

Maker: Model Context Protocol (Anthropic-led, multi-vendor)
What's new: Enterprise-Managed Authorization (EMA) extension stabilized
Protocol: Identity Assertion JWT Authorization Grant (ID-JAG) + OAuth
IdP support: Okta at launch (via Cross App Access)
Client support: Claude apps, Claude Code, Cowork, VS Code
MCP servers: Asana, Atlassian, Canva, Figma, Granola, Linear, Supabase, Slack
Customer rollout: Ramp (2,000 employees provisioned via Okta)

What is it?

Enterprise-Managed Authorization (EMA) is an extension to the Model Context Protocol that just moved from draft to stable. EMA lets a company's identity provider — Okta at launch — grant access to MCP servers in bulk, scoped to user groups and roles. End users open Claude or VS Code, sign in once, and inherit every MCP connector their admin already approved without seeing an OAuth screen.

How does it work?

EMA builds on the Identity Assertion JWT Authorization Grant (ID-JAG) standard. During single sign-on, the MCP client receives an ID-JAG from the IdP and exchanges it for an access token at the MCP server, which replaces the per-server consent screen. Admins enable specific MCP servers in the IdP, set group scopes, and audit usage through the same IdP logs they use for SaaS. Reduced token lifetimes let admins deprovision a departing employee from every MCP server at once.

Why does it matter?

Per-user OAuth on every MCP server is the main reason MCP has not landed in regulated enterprises — security teams want a single audit log and a single revoke button. With EMA stable, an admin can plug an MCP server into Okta the same way they plug in any SaaS, and rollouts the size of Ramp's 2,000-employee deployment become routine. The first wave of supported MCP servers (Asana, Atlassian, Canva, Figma, Linear, Supabase) covers most enterprise workflow tools.

Who is it for?

Enterprise IT, security teams, MCP server maintainers

Frequently asked questions

What is MCP Enterprise-Managed Authorization?
Enterprise-Managed Authorization (EMA) is a Model Context Protocol extension, announced stable on June 18, 2026, that lets an organization's identity provider grant access to MCP servers in bulk. Admins enable an MCP connector once in Okta; users sign in once and inherit access to every approved server, replacing per-server OAuth consent screens with a centrally audited flow.
Which clients and MCP servers support EMA at launch?
Anthropic ships EMA in Claude apps, Claude Code, and Cowork, plus support in Visual Studio Code. MCP servers from Asana, Atlassian, Canva, Figma, Granola, Linear, and Supabase ship support at launch, with Slack listed as in progress. Okta is the first supported identity provider, via the Cross App Access protocol.
How does Enterprise-Managed Authorization work under the hood?
EMA uses the Identity Assertion JWT Authorization Grant (ID-JAG) standard. During single sign-on, an MCP client obtains an ID-JAG from the identity provider and exchanges it for an MCP server access token. The MCP server trusts tokens minted via the admin-approved IdP rather than running its own consent UI, so users do not see per-server OAuth prompts.
What enterprise problems does Enterprise-Managed Authorization solve?
EMA gives security teams a single grant-and-revoke surface for every MCP connector instead of one OAuth grant per user per server. Admins set short token lifetimes for fast deprovisioning when employees leave, route audit logs through the IdP, and can force MCP connectors to use only the corporate IdP so personal and work accounts stay separate. Ramp reports 2,000 employees rolled out through Okta with no extra steps.
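
The exchange described under "How does it work?" and in the FAQ answer above, as an added example that is not code from the MCP spec or from any vendor named on this page: the MCP server side of the grant, checking signature, token type, issuer, audience, client binding, expiry and single use before a token is issued. The issuer URLs, client id, key and 300-second lifetime are constructed, HS256 with a shared key stands in for the IdP's real signing key, and the claim names and `oauth-id-jag+jwt` type are assumptions taken from the ID-JAG draft and RFC 7523 that should be checked against the spec.

```python
import base64, hashlib, hmac, json
# Constructed values: issuers, client id and key are placeholders. HS256 with a shared
# key stands in for the IdP's asymmetric signing key, which a real server reads from JWKS.
IDP_ISSUER, MCP_AS_ISSUER = "https://idp.example.com", "https://mcp.example.com"
IDP_KEY = b"constructed-demo-key"
JWT_BEARER = "urn:ietf:params:oauth:grant-type:jwt-bearer"  # RFC 7523 grant type
ID_JAG_TYP = "oauth-id-jag+jwt"  # JWT "typ" per the ID-JAG draft (assumption)

def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()
def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))
def _sign(signing_input):
    return hmac.new(IDP_KEY, signing_input.encode(), hashlib.sha256).digest()

def mint_id_jag(claims, typ=ID_JAG_TYP):
    """IdP side: issue the assertion the MCP client receives during SSO."""
    head = _b64(json.dumps({"alg": "HS256", "typ": typ}).encode())
    body = _b64(json.dumps(claims).encode())
    return f"{head}.{body}.{_b64(_sign(head + '.' + body))}"

def exchange(form, authenticated_client, seen_jti, now):
    """MCP server side: validate the grant; `now` is the current epoch time in seconds."""
    if form.get("grant_type") != JWT_BEARER:
        return False, "unsupported_grant_type"
    try:
        head, body, sig = form["assertion"].split(".")
        header, claims = json.loads(_unb64(head)), json.loads(_unb64(body))
        if not (isinstance(header, dict) and isinstance(claims, dict)):
            raise ValueError("not JSON objects")
        sig_ok = hmac.compare_digest(_sign(head + "." + body), _unb64(sig))
    except (KeyError, ValueError, AttributeError, TypeError):
        return False, "malformed assertion"
    exp, jti = claims.get("exp"), claims.get("jti")
    checks = [  # every check must pass; the first failure is reported
        (header.get("alg") == "HS256" and sig_ok, "bad signature"),
        (header.get("typ") == ID_JAG_TYP, "wrong token type"),
        (claims.get("iss") == IDP_ISSUER, "untrusted issuer"),
        (claims.get("aud") == MCP_AS_ISSUER, "wrong audience"),
        (claims.get("client_id") == authenticated_client, "client mismatch"),
        (isinstance(exp, (int, float)) and exp > now, "expired"),
        (isinstance(jti, str) and jti not in seen_jti, "missing or replayed jti"),
        (isinstance(claims.get("sub"), str), "missing subject"),
    ]
    for passed, reason in checks:
        if not passed:
            return False, reason
    seen_jti.add(jti)  # single use: a second presentation is rejected
    return True, {"sub": claims["sub"], "scope": claims.get("scope", ""), "expires_in": 300}
```

The audience and client checks are what stop an assertion issued for one MCP server or client from being accepted by another.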

Try it

Spec: https://modelcontextprotocol.io/extensions/auth/enterprise-managed-authorization
