Claude Enterprise-Managed Auth: Zero-Touch MCP via Okta【2026】

Anthropic enterprise-managed auth provisions MCP connectors via Okta. Employees inherit Asana, Figma, Atlassian on first login—no OAuth queues needed.

12 min read · Yash Thakker

On June 18, 2026, Anthropic shipped one of the most practically significant enterprise features Claude has had: enterprise-managed authorization for MCP connectors. The short version is that IT admins can now provision MCP integrations for their entire organization through Okta, and employees inherit that access automatically when they first open Claude—no OAuth queues, no per-user consent screens, no IT tickets.

It sounds like a small quality-of-life improvement. It is actually a meaningful shift in how AI tooling fits into enterprise identity governance.


The Problem Enterprise-Managed Auth Solves

Claude's MCP connectors give Claude real-time access to the tools teams already use—Atlassian, Figma, Asana, Linear, Supabase, and more. They are what turn Claude from a general-purpose assistant into something that can actually act on your Jira backlog, read your Figma designs, or query your Supabase database.

Until now, enabling a connector required two steps:

  1. Admin step: The organization admin enables the connector for the organization.
  2. User step: Every individual user authorizes the connector themselves through a standard OAuth consent screen.

The second step is where things broke down at scale. A new hire joining a company that uses a dozen MCP-connected tools faces a queue of twelve OAuth authorizations before they can work. Multiply that by a 2,000-person organization and you have an IT overhead problem. More importantly for security teams: OAuth tokens issued per-user with no centralized expiry control create a governance surface that IT cannot manage consistently.

Enterprise-managed authorization eliminates the user step. Admins authorize connectors once, scope access by IdP group or role, and employees get the right connectors automatically—on first login, with no action required.


How It Works

The flow is straightforward:

  1. Admin connects their identity provider (currently Okta) to Claude in the admin console
  2. Admin enables MCP connectors for the organization and scopes them to specific IdP groups or roles
  3. Employee logs in to Claude—their connectors are already there, populated by their IdP membership
  4. Access stays current: when someone changes teams or leaves the company, the IdP handles revocation, and connector access expires on the next token refresh

This works across Claude chat, Claude Code, and Claude Cowork. The connector experience is identical regardless of which Claude surface the employee is using.

The security posture is also meaningfully better than per-user OAuth:

  • Short-lived tokens: Because access validation happens through the IdP rather than a long-lived OAuth token, admins can reduce token lifetimes significantly without degrading the user experience. A deprovisioned employee's connector access expires fast.
  • IdP-only mode: Admins can require that a connector only ever connects through the IdP, preventing users from accidentally linking personal accounts to work tools.
  • Unified audit trail: All connector access flows through the identity provider, so it falls under the same security monitoring, compliance logging, and access review processes as the rest of the software stack.

The Open Standard Behind It: ID-JAG and Cross App Access

Enterprise-managed authorization is built on an open standard, not a proprietary Anthropic protocol. This matters because it means any identity provider and any MCP provider can implement it.

The standard is called ID-JAG (Identity JWT Authorization Grant), and here's the brief history:

| Date | Milestone |
|---|---|
| September 2025 | IETF OAuth Working Group adopts ID-JAG specification |
| November 2025 | ID-JAG incorporated into the MCP specification |
| June 18, 2026 | Declared stable as a formal MCP authorization extension |

The mechanism: instead of prompting a user for an OAuth consent screen, the Identity Provider issues a signed identity assertion—the ID-JAG—that MCP servers can use to verify both identity and authorization in a single round trip. No user action required.

Okta's branded implementation of ID-JAG is called Cross App Access (XAA). Okta's TypeScript and Java SDKs already include XAA support, making it straightforward for developers at any MCP provider to add support. Aaron Parecki, Okta's Director of Identity Standards, described it as turning "identity into a centralized governance plane" that gives security teams "strict compliance control and users a seamless, secure experience."

Because the extension is open, Anthropic is not the only MCP host implementing it. VS Code shipped EMA support on the same day.


What's Supported at Launch

Identity providers:

| Provider | Status |
|---|---|
| Okta | Available now |
| Others | Coming soon |

MCP providers with EMA support:

| Provider | Status |
|---|---|
| Asana | Available |
| Atlassian (Jira, Confluence, Rovo) | Available |
| Canva | Available |
| Figma | Available |
| Granola | Available |
| Linear | Available |
| Supabase | Available |
| Slack | Coming soon |

Custom MCP connectors built by your own teams can also implement the open standard and will work identically—the same provisioning flow, the same security posture, the same user experience.

Claude plans:

Enterprise-managed auth is in beta today for Claude Team and Enterprise plan customers.


What Early Customers Are Seeing

The feedback from organizations in the beta is consistent: the main win is that AI tooling now behaves like the rest of enterprise software rather than a separate category requiring special IT handling.

Ramp (Cameron Leavenworth, Staff IT Engineer): "Before enterprise-managed auth, onboarding a new hire to their full toolkit meant a queue of per-connector OAuth approvals. Now they log in to Claude on day one already connected — 2,000 employees, provisioned through Okta, zero extra steps."

Webflow (Reed Shackelford, Senior Manager, Enterprise AI Operations): "Our team opens Claude and every tool they're cleared for is right there, scoped by the identity groups IT already runs. Enterprise-managed auth turned AI into something people use instead of request."

Linear (Tom Moor, Head of Engineering): "Logging in once and automatically having all your MCP connectors automatically set up is pretty magical."

The pattern across all three is the same: AI access governance folded into existing identity infrastructure rather than requiring a separate management surface.


Why This Is Significant for the MCP Ecosystem

MCP connectors have been the primary mechanism for extending Claude's capabilities into real work contexts since their launch. The Claude knowledge work plugins guide covers the range of integrations available, from document tools to data warehouses to communication platforms.

The connector ecosystem has grown quickly, but enterprise adoption has been limited by the governance gap. Security and IT teams that manage access to every other tool in the stack through their identity provider had no equivalent path for Claude connectors. Enterprise-managed auth closes that gap.

This is also a win for the MCP standard itself. The ID-JAG extension being adopted by Anthropic, VS Code, Okta, and seven MCP providers on the same day creates a real interoperability baseline. Organizations that build on this standard today are not locked into any single vendor's implementation.

For teams working on agentic AI systems, centralized connector governance is a prerequisite for deploying agents across large organizations. An agent that needs to act on Jira tickets, query Supabase, and read Figma files needs access to all three—and IT needs a single place to manage, audit, and revoke that access. Enterprise-managed auth provides exactly that.


What the Security Teams Are Saying

The quotes from partner organizations on the security side are worth reading carefully because they describe a specific governance problem that enterprise-managed auth solves:

Figma (Devdatta Akhawe, VP of Engineering): "As MCP adoption grows, enterprise-managed auth makes it easier for enterprises to scale their MCP deployments securely without slowing teams down."

Supabase (Bil Harmer, CISO): "The only way to use Supabase through Claude was to be an org owner or hand out Personal Access Tokens to everyone on your team. Enterprise-managed auth fixes that: your IdP controls access and roles, so builders can use Claude to explore and query their data without IT compromising on security to get there."

Atlassian (Brendan Haire, VP of Engineering, Rovo and AI): "It gives admins a centralized place to manage MCP clients' access, so organizations can move faster with AI while maintaining the governance they expect."

The Supabase comment is particularly pointed: before EMA, the choice was between giving every developer org-owner-level credentials or distributing Personal Access Tokens with no central revocation mechanism. Neither is acceptable for a finance or healthcare team. EMA gives a third option—IdP-controlled, role-scoped, centrally audited—that matches how every other sensitive tool is managed.


For Security and IT Teams: What to Do Now

If you're on Claude Team or Enterprise:

  1. Apply for beta access at the Anthropic Help Center (link in the official announcement)
  2. Connect your Okta instance to your Claude admin console
  3. Configure connector access by IdP group—start with one team, validate the provisioning flow, then expand
  4. Set IdP-only mode on connectors where you want to prevent personal account linking
  5. Review token lifetime settings—EMA makes short lifetimes practical for the first time

If you build MCP providers:

The open standard means you can implement EMA support without waiting for Anthropic to add it explicitly. Okta's TypeScript and Java SDKs include XAA support today. Submit interest to join the beta at the link in the Anthropic announcement.
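For an MCP provider, the server-side half of the ID-JAG mechanism described earlier is validating the IdP-signed assertion before issuing an access token. The code below is an added example, not Anthropic's, Okta's or any SDK's code. The `oauth-id-jag+jwt` type and the claim names follow the IETF draft as understood here and are assumptions relative to this page; the URLs, client ID, `TRUST` settings and function names are hypothetical.

```javascript
const crypto = require('node:crypto');

// Hypothetical trust settings for one MCP authorization server (constructed values).
const TRUST = {
  issuer: 'https://idp.example.com',      // the only IdP whose assertions are accepted
  audience: 'https://mcp.example.com',    // this authorization server's own issuer URL
  clients: new Set(['mcp-host-client']),  // client IDs registered for the MCP host
  maxLifetimeSec: 300,                    // reject long-lived assertions
};
const seenJti = new Set(); // replay cache; production needs a shared store with expiry
const decode = (part) => JSON.parse(Buffer.from(part, 'base64url').toString('utf8'));

// Returns { ok: true, sub, scope } or { ok: false, reason }.
function validateIdJag(jwt, idpPublicKey, now = Math.floor(Date.now() / 1000)) {
  const fail = (reason) => ({ ok: false, reason });
  const parts = String(jwt).split('.');
  if (parts.length !== 3) return fail('malformed');
  let header, claims;
  try { header = decode(parts[0]); claims = decode(parts[1]); } catch { return fail('malformed'); }
  if (!header || !claims) return fail('malformed');
  // Pin algorithm and token type first: blocks "none", algorithm confusion and ID-token reuse.
  if (header.alg !== 'RS256') return fail('alg');
  if (header.typ !== 'oauth-id-jag+jwt') return fail('typ');
  const signed = Buffer.from(`${parts[0]}.${parts[1]}`);
  const sig = Buffer.from(parts[2], 'base64url');
  if (!crypto.verify('sha256', signed, idpPublicKey, sig)) return fail('signature');
  if (claims.iss !== TRUST.issuer) return fail('iss');
  if (claims.aud !== TRUST.audience) return fail('aud'); // minted for a different server
  if (!TRUST.clients.has(claims.client_id)) return fail('client_id');
  const live = claims.iat <= now && now < claims.exp;
  if (!live || claims.exp - claims.iat > TRUST.maxLifetimeSec) return fail('lifetime');
  if (!claims.jti || seenJti.has(claims.jti)) return fail('replay');
  seenJti.add(claims.jti);
  return { ok: true, sub: claims.sub, scope: claims.scope || '' };
}

// Constructed fixture: signs an assertion the way an IdP would, so the example runs offline.
function mintIdJag(privateKey, claims, typ = 'oauth-id-jag+jwt') {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
  const input = `${enc({ alg: 'RS256', typ })}.${enc(claims)}`;
  return `${input}.${crypto.sign('sha256', Buffer.from(input), privateKey).toString('base64url')}`;
}

const idp = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 }); // constructed IdP key
const T0 = 1781784000; // constructed timestamp
const sample = { iss: TRUST.issuer, aud: TRUST.audience, client_id: 'mcp-host-client',
  sub: 'alice@example.com', scope: 'issues:read', jti: 'a1', iat: T0, exp: T0 + 120 };
console.log(validateIdJag(mintIdJag(idp.privateKey, sample), idp.publicKey, T0 + 10));
```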

If you're an identity provider other than Okta:

Anthropic has indicated additional IdPs are coming soon. The open standard means any IdP can implement it by supporting the ID-JAG specification. The MCP blog at blog.modelcontextprotocol.io has the technical spec.


Conclusion

Enterprise-managed authorization for MCP connectors solves a problem that was quietly blocking serious enterprise AI adoption: the gap between how IT manages access to everything else and how it managed Claude connector access (which was: it didn't).

The solution is clean. Build on an open standard (ID-JAG), ship with the identity provider already inside every enterprise IT stack (Okta), launch with seven MCP providers covering the most common enterprise tools, and make the user experience essentially invisible. Employees don't learn a new workflow—they just open Claude and their tools are there.

For organizations already using Claude in financial services or other regulated industries where access governance is non-negotiable, this removes the last significant blocker to broad connector deployment. For everyone else, it makes the onboarding experience for Claude match what employees already expect from enterprise software.

The beta is available now for Team and Enterprise plan customers.


Frequently Asked Questions

What is Claude enterprise-managed authorization? Enterprise-managed authorization (EMA) is a feature in Claude Team and Enterprise plans that lets IT admins provision MCP connectors for their entire organization through an identity provider (currently Okta). Instead of every user completing a per-connector OAuth flow, employees inherit connector access automatically the first time they log in to Claude. Admins configure access once, scope it by IdP group or role, and manage revocation through the same identity system they already use.

What is ID-JAG and how does it relate to MCP? ID-JAG stands for Identity JWT Authorization Grant—a specification adopted by the IETF OAuth Working Group in September 2025 and incorporated into the MCP specification in November 2025. Instead of prompting a user for OAuth consent, the Identity Provider issues a signed identity assertion (the ID-JAG) that lets MCP servers verify both identity and authorization in a single round trip. Okta's branded implementation is called Cross App Access (XAA). Anthropic's EMA is the first production implementation of the now-stable MCP authorization extension.

Which identity providers does Claude support for enterprise-managed auth? Okta is the first supported identity provider at launch (June 18, 2026). Anthropic has indicated that support for additional identity providers is coming soon. Any identity provider can add support by implementing the open ID-JAG / Cross App Access extension to the MCP authorization spec.

Which MCP connectors support enterprise-managed authorization at launch? Seven MCP providers support EMA at launch: Asana, Atlassian (Jira, Confluence, Rovo), Canva, Figma, Granola, Linear, and Supabase. Slack is coming soon. Any MCP provider—including custom internal connectors your teams build—can implement the open standard and will work the same way for all Claude customers.

Who is currently using Claude enterprise-managed auth? HubSpot, Ramp, and Webflow are among the early organizations rolling out enterprise-managed auth across their teams. Ramp's Cameron Leavenworth described it as "2,000 employees provisioned through Okta, zero extra steps" on day one for new hires. Webflow's Reed Shackelford said it "turned AI into something people use instead of request."

What are the security advantages over standard per-user OAuth? With centralized IdP control, admins can shorten access token lifetimes without impacting user experience—so when someone is deprovisioned, connector access expires fast instead of lingering on a stale token. Admins can also enforce IdP-only mode, which prevents users from linking personal accounts to work tools and keeps work and personal use cleanly separated. All connector access falls under the same audit and compliance controls as the rest of the organization's IdP-governed software.

How does enterprise-managed auth affect new employee onboarding? New hires log in to Claude on their first day and every approved MCP connector is already there—Figma, Atlassian, Asana, Supabase, and so on—without filing tickets, waiting for IT approvals, or clicking through individual OAuth consent screens. Provisioning is driven entirely by the IdP groups and roles the employee already has, following the same process that governs access to everything else in the stack.
