
OpenAI just shipped three infrastructure upgrades that, taken together, represent the most significant enterprise governance push the platform has seen. None of them are model releases. All of them matter if you're running OpenAI at scale inside a real organization.
The package: Secure MCP Tunnels for private-network tool servers, Workload Identity Federation for keyless authentication, and an expanded Admin API with spend alerts, model allowlists, and data retention controls. All three are live on the OpenAI Platform now.
The wall that was blocking enterprise MCP
MCP (Model Context Protocol) is the open standard that lets AI agents call external tools and data sources. The adoption blocker for remote MCP in enterprises has not been protocol support; it has been network policy. Security teams often reject opening inbound firewall rules to internal tool servers, even when OAuth and mTLS are available, because public reachability still expands the attack surface and operational burden.
Secure MCP Tunnel lets you connect private MCP servers to supported OpenAI products without opening inbound firewall ports or exposing those servers to the public internet. You run tunnel-client inside the network that can already reach your MCP server; it opens an outbound HTTPS path to OpenAI, pulls queued MCP work, forwards requests locally, and returns responses through the same tunnel.
How the tunnel actually works
An MCP tunnel is an outbound-only connection from a host inside your network to an OpenAI-hosted MCP endpoint. Use it when your MCP server is private, on-premises, or behind a firewall, but ChatGPT, Codex, the Responses API, or another supported OpenAI surface still needs to call it.
The flow has five steps:
- Create a tunnel endpoint in Platform tunnel settings and get a tunnel_id
- Run tunnel-client inside the network that can reach your private MCP server
- OpenAI products send MCP requests to the OpenAI-hosted tunnel endpoint; tunnel-client long-polls for queued work, forwards each JSON-RPC request to the private MCP server, and posts the response back through the tunnel
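The polling relay described above, as an added in-process sketch (not OpenAI's tunnel-client code or API): every call that crosses the network boundary is initiated by the client inside the network, and the hosted side only queues work. The names HostedEndpoint, private_mcp_server and lookup_ticket are assumptions made for illustration, and Python queues stand in for the outbound HTTPS path.

```python
import json
import queue
import threading

class HostedEndpoint:
    # Stand-in for the hosted tunnel endpoint: it queues work and never dials in.
    def __init__(self):
        self.pending, self.done = queue.Queue(), queue.Queue()

    def submit(self, request):  # product side queues an MCP request
        self.pending.put(json.dumps(request))

    def poll(self, timeout):  # called outbound by the tunnel client
        try:
            return self.pending.get(timeout=timeout)
        except queue.Empty:
            return None  # long-poll expired with no work

    def post_response(self, raw):  # called outbound by the tunnel client
        self.done.put(json.loads(raw))

def private_mcp_server(req):  # constructed server, reachable only from inside
    if req["method"] == "tools/list":
        return {"tools": [{"name": "lookup_ticket"}]}
    raise KeyError(req["method"])

def tunnel_client(endpoint, stop):
    while not stop.is_set():
        raw = endpoint.poll(timeout=0.1)
        if raw is None:
            continue  # nothing queued; poll again
        req = json.loads(raw)
        reply = {"jsonrpc": "2.0", "id": req["id"]}
        try:
            reply["result"] = private_mcp_server(req)
        except KeyError:  # unknown method becomes a JSON-RPC error, not a crash
            reply["error"] = {"code": -32601, "message": "Method not found"}
        endpoint.post_response(json.dumps(reply))

def demo():
    endpoint, stop = HostedEndpoint(), threading.Event()
    worker = threading.Thread(target=tunnel_client, args=(endpoint, stop))
    worker.start()
    for i, method in enumerate(["tools/list", "no/such"], start=1):
        endpoint.submit({"jsonrpc": "2.0", "id": i, "method": method})
    replies = {r["id"]: r for r in (endpoint.done.get(timeout=2) for _ in range(2))}
    stop.set()
    worker.join()
    return replies
```

Calling demo() returns both replies keyed by JSON-RPC id, which is how the caller matches a response coming back through the tunnel to the request it queued.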
