The Model Context Protocol (MCP) team recently announced a significant development in its enterprise solutions: the promotion of its Enterprise-Managed Authorisation (EMA) extension to stable status. This update introduces a centralized way for organizations to manage access to MCP servers through their chosen identity provider, addressing a common pain point in enterprise environments—the repeated consent prompts that have plagued user experiences.
The primary goal of the EMA extension is to streamline the login process for end-users. Traditionally, users faced per-server consent prompts, causing unnecessary friction in accessing multiple servers. Now, with this new feature, users can experience a zero-touch login flow. This means that after a single sign-in, employees can seamlessly access all approved MCP servers without facing additional setup or repeated authentication hassles.
As the announcement elaborates, several major players have already adopted this extension, including Anthropic, Microsoft, and Okta. The community feedback has been clear: repeated authorization prompts are a significant obstacle for larger organizations utilizing MCP deployments. The traditional user-scoped model, which relies heavily on interactive authentication practices, simply doesn’t scale well across diverse teams and departments.
The EMA extension fundamentally alters the authorization decision-making process, shifting it to the enterprise identity provider instead of leaving it to individual employees or servers. This means a “single login” experience for connected servers is now possible. Users will inherit access based on the organization’s pre-approved permissions, simplifying their experience and enhancing productivity. The mechanism at play involves an Identity Assertion JWT Authorisation Grant (ID-JAG), which is exchanged for an access token through the MCP server’s authorization server.
“Organisations can centrally manage authorisation for MCP servers, and end-users can access all connected MCP servers through a single login.”
— Model Context Protocol blog
This new architecture highlights a crucial innovation: it separates identity policy from the actual tool interaction. This means the enterprise-managed layer controls whether a user can connect to a server, but it does not scrutinize the MCP traffic once the token has been issued. It’s essential to note that this structure does not provide runtime authorization for individual actions. Therefore, organizations still need to implement their security controls to manage what happens once a user is inside a system.
Industry observers have highlighted the significance of this shift. For instance, Ehsan Hosseini likens EMA to a resolution for the “mess” created by per-user, per-server OAuth. By centralizing authority in enterprise identity providers, organizations can more efficiently determine which clients have access to specific servers. However, it’s crucial to differentiate between connection-level control and per-action control, as EMA does not negate the necessity for policy enforcement concerning sensitive runtime decisions.
Okta, one of the first identity providers to implement EMA, is leveraging its Cross App Access framework to support enterprise connection capabilities. Yet, this rollout is just the beginning, as both the identity provider and the MCP server must endorse the extension for it to function efficiently. For organizations that do not utilize a compatible identity provider, it’s worth noting that there will be alternative paths available.
The community response to EMA has been largely optimistic, with many praising the reduction in friction it promises. Jiquan Ngiam, for example, shared on LinkedIn how this extension addresses one of the most complex challenges related to using agents with corporate data, improving both security and observability by eliminating awkward authorization processes. Numerous commentators have labeled EMA as a structural enhancement for MCP server access, appreciating the shift from individual user prompts to a centralized enterprise control mechanism.
“We’ve heard from the community that authorisation and repeated consent prompts from connected MCP servers is one of the biggest pain points when it comes to managing connectivity in enterprise environments.”
— Model Context Protocol blog
The ecosystem surrounding EMA is expanding as well. The announcement noted that Anthropic has already integrated support into its shared MCP layer for products like Claude, Claude Code, and Cowork. Additionally, Visual Studio Code has included support in its integrated development environment (IDE), while several notable applications, including Asana, Atlassian, Canva, Figma, Granola, Linear, and Supabase, have also stepped up to support EMA, with more like Slack currently in progress. This widespread embrace suggests a push to make centralized enterprise authentication a standard, rather than a unique integration, simplifying the operational dynamics of connecting assistants to internal tools at scale.
Inspired by: Source


