AlphaSignal Logo
/
Article background

Anthropic's EMA Removes MCP's Biggest Enterprise Blocker for 2,000-Person Teams

CompanyClaudeDevs
5D AGO
2 min read
AGENTS
DEVELOPMENT

If you've ever tried rolling out MCP tools to a team larger than a handful of people, you know the pain: every new hire has to manually authenticate to every MCP server one by one. Figma, Linear, Atlassian, Supabase , each one a separate OAuth consent screen, a separate IT ticket, a separate headache. The MCP team has now published Enterprise-Managed Authorization (EMA) as a stable extension, removing what has been MCP's biggest enterprise deployment blocker. Previously, every employee had to manually OAuth into each MCP server individually , a process that created ticket queues for IT teams and left security with no centralized control, no audit trail, and no reliable way to revoke access when someone left the company.

EMA allows organizations to control MCP server access centrally through their trusted identity provider. For end-users, this means a zero-touch setup: the MCP servers they need are connected on first login, with no per-app OAuth and nothing to configure as a one-off. The spec is now stable, and the first wave of real production deployments is already live.

The Problem That Needed Fixing

The standard MCP authorization model required every employee to authorize every server individually , onboarding meant manually connecting service after service. Security teams couldn't enforce consistent policy: access was whatever each user authorized, with no central control or audit trail. Work and personal accounts blurred together, with no way to require a corporate identity.

For security teams, the pre-EMA state created a category of risk documented by the National Security Agency in a May 2026 advisory on MCP security: agent-driven connections established outside IT visibility, often with hardcoded credentials or long-lived personal OAuth tokens, constituted an unmanaged attack surface. EMA closes the specific gap that advisory identified , the absence of centralized identity governance over AI agent tool connections , by routing all access decisions through the IdP's existing policy engine.

Architecture diagram comparing Standard MCP authorization (individual OAuth per server) versus Enterprise-Managed Authorization (single SSO through identity provider)

How It Actually Works

Alpha Signal

Don't miss what's next in AI

Join 300,000+ engineers and researchers who get the signal, not the noise.

  • Full access to in-depth AI research breakdowns
  • Be the first to know what's trending before it hits mainstream
  • Daily curated papers, repos, and industry moves