Sign up to save your podcasts
Or
Share Making OAuth Scale Securely for MCPs - Aaron Parecki - ASW #360
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Making OAuth Scale Securely for MCPs - Aaron Parecki - ASW #360
The MCP standard gave rise to dreams of interconnected agents and nightmares of what those interconnected agents would do with unfettered access to APIs, data, and local systems. Aaron Parecki explains how OAuth's new Client ID Metadata Documents spec provides more security for MCPs and the reasons why the behavior and design of MCPs required a new spec like this.
Segment resources:
- https://aaronparecki.com/2025/11/25/1/mcp-authorization-spec-update
- https://www.ietf.org/archive/id/draft-ietf-oauth-client-id-metadata-document-00.html
- https://oauth.net/cross-app-access/
- https://oauth.net/2/oauth-best-practice/
Show Notes: https://securityweekly.com/asw-360
View all episodes
By Mike Shema
4.8
44 ratings
The MCP standard gave rise to dreams of interconnected agents and nightmares of what those interconnected agents would do with unfettered access to APIs, data, and local systems. Aaron Parecki explains how OAuth's new Client ID Metadata Documents spec provides more security for MCPs and the reasons why the behavior and design of MCPs required a new spec like this.
Segment resources:
- https://aaronparecki.com/2025/11/25/1/mcp-authorization-spec-update
- https://www.ietf.org/archive/id/draft-ietf-oauth-client-id-metadata-document-00.html
- https://oauth.net/cross-app-access/
- https://oauth.net/2/oauth-best-practice/
Show Notes: https://securityweekly.com/asw-360
More shows like Application Security Weekly (Video)
View all
Security Now (Audio)
2,007 Listeners
CyberWire Daily
1,026 Listeners
Pod Save America
87,558 Listeners
Darknet Diaries
8,051 Listeners
Hacking Humans
314 Listeners
Cloud Security Podcast
58 Listeners
Cybersecurity Headlines
136 Listeners