Remote MCP authorization enables AI agents to talk to servers to see what they can do

Identity and access management infrastructure company Stytch and IT service management firm Cloudflare have announced the launch of Remote MCP Authorization in Stytch Connected Apps, according to a release. The launch allows developers to easily add authorization to Remote Model Context Protocol (MCP) servers built on Cloudflare Workers and other frameworks supporting MCP servers.

MCP is a standard designed by Anthropic that defines how AI agents can communicate with servers and discover their capabilities. Originally, MCP servers could only run locally on your device. But recent upgrades have defined support for Remote MCP, making it possible for every web application to offer AI agents simple access.

The servers enable the agent to interact with third-party applications and perform complex workflows without requiring custom integrations for each app. It means clients and servers can communicate without human interaction.

Stytch can also be used as an auth provider to handle OAuth for MCP, offering robust infrastructure, security, administrative tools and built-in future proofing. Per the release, the launch of Stytch Connected Apps for MCP servers gives apps and agents the power to authenticate with one another using best-in-class security practices and infrastructure. The company says it is excited to partner closely with Cloudflare to understand the evolving needs and use cases for Remote MCP servers.

Agents are not web applications, says Arcade.dev’s Salazar

The latest episode of the AI Without Borders podcast also looks at agent tool authentication. It features Alex Salazar, founder and CEO of Arcade.dev, a platform tackling secure tool authentication. Salazar contemplates how agents have changed the security landscape.

“No one had ever really contemplated agents in the traditional security posture,” he says.  “If you think of the world pre-agents you would go to some website, you’d maybe log in with Google, you’d go through the OAuth flow in your browser, get dropped back into the application and then that application could interact with Google.”

Now, he says, “the authentication and authorization problem really comes in when the agent attempts to do something, when it tries to act and when it tries to integrate to something else, that’s when auth really matters. Is this a trusted agent? Can I trust this agent or is this some random agent? Then the agent itself is going to have its own credentials.

Salazar says that existing protocols “are really designed for web applications where there’s a browser involved and the user’s at the keyboard when it happens. Agents are not web apps. They might have a web front end but all the agent logic is typically a tier beneath the web app. And if it’s designed properly the tool calling layer is a tier beneath the agent itself.”

AI agents coming on strong in 2025

AI agents are a definite trend to watch as 2025 progresses. According to CB Insights, mentions of AI agents on corporate earnings calls grew four times quarter-over-quarter in Q4 2024. And they’re on pace to double again this quarter.

“AI agents can accomplish complex tasks on a user’s behalf with minimal intervention, from sales prospecting to compliance decisioning,” says CB. It identifies four areas of which to take particular note. The first is that “tech giants’ LLM developments will make agents better, cheaper, and more pervasive while also putting more pressure on private players.”

Next, the private AI agent market is moving toward greater specialization, with industry-specific solutions.

Third, the AI agent infrastructure stack is crystallizing: “the fragmented landscape is becoming more structured, with specialized solutions emerging for different aspects of agent development. Key categories include data curation, web search and tool use, and evaluation and observability, as well as full-stack AI agent development platforms.

Finally, enterprises are moving from experimentation to implementation, actively exploring AI agent adoption, with 63 percent surveyed by CB Insights placing high importance on them for the next 12 months.

Article Topics

AI agents  |  authentication  |  authorization  |  Cloudflare  |  cybersecurity  |  identity access management (IAM)  |  Stytch