Enterprise Identity Federation – Mike Schwartz
Track: Sessions – Day 1 | Ref: 1.6 | Speaker: Mike Schwartz, Founder, Gluu
Overview
Mike Schwartz from Gluu presented enterprise identity federation patterns for MCP, covering how organizations can reuse their existing identity infrastructure (SAML, OIDC, and OAuth 2.0) to authenticate users and authorize agent access to MCP tools across organizational boundaries, instead of building a separate authentication system for agents.
Multi-Tenant Identity Patterns
- Tenant isolation: Each tenant maintains its own identity provider and permission boundaries
- Cross-tenant trust: Federation protocols enable controlled sharing across organizations
- Identity mapping: Translating user identities between different IdP systems
OAuth 2.0 Implementation for MCP
| Aspect | Approach |
|---|---|
| Token management | Short-lived access tokens, refresh token rotation, token binding |
| Scope and permission models | Fine-grained scopes mapped to MCP tool capabilities |
| Consent patterns | User consent, admin pre-consent, delegated consent for agents |
Federation Protocols
- SAML — Legacy enterprise SSO integration
- OIDC (OpenID Connect) — Modern identity layer on top of OAuth 2.0
- OAuth 2.0 — Authorization framework for MCP tool access
Enterprise Integration
- SSO integration: Connecting MCP gateways to existing enterprise SSO infrastructure
- User provisioning: Automated creation and lifecycle management of agent identities
- Group and role sync: Mapping organizational roles to MCP permission sets
- Audit and compliance: Comprehensive logging of identity events for regulatory requirements
Multi-Tenant Architecture
```
┌──────────────┐    ┌──────────────┐    ┌──────────────┐
│   Tenant A   │    │   Tenant B   │    │   Tenant C   │
│ (IdP: Entra) │    │ (IdP: Okta)  │    │ (IdP: Google)│
└──────┬───────┘    └──────┬───────┘    └──────┬───────┘
       │                   │                   │
       │      Federation Protocol (OIDC)       │
       │                   │                   │
       ▼                   ▼                   ▼
┌──────────────────────────────────────────────────────┐
│                 MCP Gateway / Broker                 │
│      (Token validation, tenant routing, audit)       │
└──────────────────────────┬───────────────────────────┘
                           │
                           ▼
┌──────────────────────────────────────────────────────┐
│                   MCP Tool Servers                   │
│    (Tenant-scoped access, permission enforcement)    │
└──────────────────────────────────────────────────────┘
```
Key Takeaways
- Federation first: Leverage existing enterprise identity infrastructure rather than building new auth systems
- Use established OAuth flows: Client credentials, authorization code, and token exchange cover MCP's needs
- Defense in depth: Layer token validation, scope enforcement, and audit logging
- Compliance built-in: Design identity architecture with audit and regulatory requirements from the start
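The following is an added example (not code from the talk, from Gluu, or from any MCP project) that ties together the OAuth 2.0 implementation table, the group/role sync and audit items under Enterprise Integration, and the gateway in the multi-tenant architecture above. It shows the token-exchange flow named in the takeaways: an agent presents a user's IdP token and receives a short-lived gateway token that acts for the user (an `act` claim) with scopes down-scoped to what the user's groups permit; the gateway then validates that token per tool call, enforces tenant isolation and scope-to-tool mapping, and records every decision. All issuers, keys, tenant names, groups, scope names and tool names are constructed for the example, and the JWTs are HS256 built with the standard library so it runs offline; a real deployment would verify each tenant IdP's asymmetric signatures via its JWKS endpoint.

```python
"""Added example (not from the talk or from Gluu): a minimal MCP gateway that
(1) performs an OAuth 2.0 token exchange (RFC 8693) to mint a short-lived,
down-scoped token for an agent acting on a user's behalf, and (2) validates
inbound tokens, enforces tenant isolation and scope-to-tool mapping, and writes
audit events. JWTs are HS256 via the standard library; every issuer, key,
group, scope and tool name below is constructed for the example."""
import base64, hashlib, hmac, json

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def jwt_encode(claims: dict, key: bytes) -> str:
    header = _b64url(b'{"alg":"HS256","typ":"JWT"}')
    body = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64url(sig)}"

def jwt_decode(token: str, key: bytes) -> dict:
    """Reject anything but HS256, verify the MAC in constant time, return claims."""
    header, body, sig = token.split(".")
    if json.loads(_b64url_decode(header)).get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig)):
        raise ValueError("bad signature")
    return json.loads(_b64url_decode(body))

# Constructed tenant registry: each tenant's own IdP issuer -> tenant id and
# verification key (real IdPs sign with asymmetric keys published via JWKS).
TENANTS = {
    "https://idp.tenant-a.example": {"tenant": "tenant-a", "key": b"tenant-a-secret"},
    "https://idp.tenant-b.example": {"tenant": "tenant-b", "key": b"tenant-b-secret"},
}
GATEWAY_ISSUER, GATEWAY_KEY, MCP_AUDIENCE = "https://mcp-gateway.example", b"gw-secret", "mcp-tools"
# Group/role sync: IdP group claims -> MCP permission sets (scopes), constructed.
GROUP_SCOPES = {"engineering": {"mcp:tool:read_repo", "mcp:tool:run_tests"},
                "finance": {"mcp:tool:read_ledger"}}
# Fine-grained scope per MCP tool; a tool is callable only with its scope.
TOOL_SCOPE = {t: f"mcp:tool:{t}" for t in ("read_repo", "run_tests", "read_ledger", "delete_repo")}
AUDIT_LOG = []  # identity events, kept for compliance reporting

def token_exchange(subject_token: str, actor_token: str, requested: set, now: int) -> str:
    """RFC 8693-style exchange: the agent (actor) presents the user's IdP token and
    gets a 5-minute gateway token with sub=user, act=agent and scope = requested
    scopes intersected with what the user's groups permit (never more)."""
    iss = json.loads(_b64url_decode(subject_token.split(".")[1])).get("iss")  # unverified peek
    tenant = TENANTS.get(iss)
    if tenant is None:
        raise PermissionError("unknown issuer")
    user = jwt_decode(subject_token, tenant["key"])  # verified with that tenant's key
    agent = jwt_decode(actor_token, GATEWAY_KEY)     # agent's client-credentials token
    if user["exp"] <= now or agent["exp"] <= now or agent.get("iss") != GATEWAY_ISSUER:
        raise PermissionError("expired or foreign token")
    allowed = set().union(*(GROUP_SCOPES.get(g, set()) for g in user.get("groups", [])))
    granted = requested & allowed
    if not granted:
        raise PermissionError("no permitted scope requested")
    return jwt_encode({"iss": GATEWAY_ISSUER, "aud": MCP_AUDIENCE, "sub": user["sub"],
                       "tenant": tenant["tenant"], "act": {"sub": agent["sub"]},
                       "scope": " ".join(sorted(granted)), "iat": now, "exp": now + 300},
                      GATEWAY_KEY)

def authorize_tool_call(token: str, tool: str, target_tenant: str, now: int) -> bool:
    """Gateway check before routing a tool call: signature, iss/aud, expiry,
    tenant isolation, scope-to-tool mapping; every decision is audited."""
    try:
        c = jwt_decode(token, GATEWAY_KEY)
    except ValueError as e:
        AUDIT_LOG.append({"event": "deny", "reason": str(e), "tool": tool})
        return False
    if c.get("iss") != GATEWAY_ISSUER or c.get("aud") != MCP_AUDIENCE:
        reason = "bad iss/aud"
    elif c["exp"] <= now:
        reason = "expired"
    elif c.get("tenant") != target_tenant:
        reason = "cross-tenant"
    elif TOOL_SCOPE.get(tool) not in c.get("scope", "").split():
        reason = "missing scope"
    else:
        reason = None
    AUDIT_LOG.append({"event": "deny" if reason else "allow", "reason": reason or "ok",
                      "tool": tool, "sub": c.get("sub"), "act": c.get("act", {}).get("sub"),
                      "tenant": c.get("tenant"), "target": target_tenant})
    return reason is None

NOW = 1_700_000_000  # fixed clock so the example is deterministic

def issue_delegated(now: int = NOW) -> str:
    """alice (tenant A, group engineering) lets agent ci-bot act for her."""
    user_token = jwt_encode({"iss": "https://idp.tenant-a.example", "sub": "alice",
                             "groups": ["engineering"], "exp": now + 3600}, b"tenant-a-secret")
    agent_token = jwt_encode({"iss": GATEWAY_ISSUER, "sub": "agent:ci-bot", "exp": now + 3600}, GATEWAY_KEY)
    # The agent asks for more than alice may delegate; delete_repo is dropped.
    return token_exchange(user_token, agent_token, {"mcp:tool:read_repo", "mcp:tool:delete_repo"}, now)

def demo(now: int = NOW) -> dict:
    tok = issue_delegated(now)
    return {"read_repo_same_tenant": authorize_tool_call(tok, "read_repo", "tenant-a", now),
            "delete_repo_not_granted": authorize_tool_call(tok, "delete_repo", "tenant-a", now),
            "read_repo_cross_tenant": authorize_tool_call(tok, "read_repo", "tenant-b", now),
            "after_expiry": authorize_tool_call(tok, "read_repo", "tenant-a", now + 600),
            "tampered": authorize_tool_call(tok + "x", "read_repo", "tenant-a", now)}

if __name__ == "__main__":
    print(json.dumps(demo(), indent=1)); print(json.dumps(AUDIT_LOG, indent=1))
```

Two design points worth noting. The subject token's issuer is only peeked at unverified to select which tenant's key to use; the token is then verified with that key, so a token from tenant B's IdP can never be accepted under tenant A's trust. And the exchange intersects the agent's requested scopes with the user's synced group permissions rather than trusting the request, which is what keeps "delegated consent for agents" from becoming privilege escalation: the audit entries carry both `sub` and `act`, so a reviewer can later tell which agent acted for which user on which tool.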