Anthropic has added support for a new enterprise authentication approach for Model Context Protocol connectors, joining a broader push to make MCP easier to deploy in corporate environments.
The Model Context Protocol community said the Enterprise-Managed Authorization extension is now stable. The standard is designed to let organizations control access to MCP servers through a central identity provider, rather than forcing each employee to authorize every connector separately. For users, that should mean a single login can unlock the MCP tools their organization has approved.
The update addresses one of the biggest complaints about MCP adoption in businesses: repeated consent prompts and a complicated setup process. Under the traditional authorization model, employees must approve each server individually. That creates extra work during onboarding, makes it harder for security teams to enforce policy consistently, and can blur the line between personal and work accounts.
With the new extension, the organization’s identity provider becomes the main decision-maker for connector access. Administrators set policies once, then users inherit access based on their existing group memberships, roles and conditional access rules. The system is intended to eliminate per-app OAuth flows and reduce the need for users to click through separate consent screens.
The protocol uses an identity assertion JWT authorization grant during single sign-on. In practice, the client gets an assertion from the identity provider and exchanges it for an access token from the MCP server’s authorization server. The result is a more centralized model for approving access and tracking it across connectors.
Anthropic is among the early adopters of the new extension. The company said it has implemented the feature in its shared MCP layer for Claude, which means administrators can authorize servers for users across Claude, Claude Code and Cowork. Microsoft’s Visual Studio Code has also added support in preview.
On the identity side, Okta is the first supported provider. Organizations using Okta can provision MCP access to supported servers through compatible clients using Okta’s Cross App Access framework.
A growing list of MCP servers now support the extension, including Asana, Atlassian, Canva, Figma, Granola, Linear and Supabase. Slack and others are working on support as well.
The companies involved say the goal is not just convenience, but better governance. Centralized authorization can give security teams a single audit trail and make it easier to keep enterprise data separated from personal accounts. The hope is that removing repeated login and consent steps will also improve adoption of MCP in larger organizations.
Okta described the extension as a way to turn identity systems into a governance layer for AI connections, while Figma said the change should help enterprises scale MCP more securely without slowing teams down. Linear said the single-login experience is especially useful because connectors can be set up automatically after one sign-in.
The MCP community is encouraging other client, server and identity-platform vendors to adopt the specification. Documentation for the extension, along with the draft specification and source repository, is available for developers who want to implement or test compatibility.
As MCP continues to expand, the new authorization model represents an effort to make enterprise deployments less fragmented. Instead of treating each connector as a separate approval event, the standard aims to let organizations manage access once and apply that decision across the tools their employees use.