Can someone provide an example of a practical use for this? It doesn't sound like a bad idea; I'm just struggling to imagine where it might be used.
In big systems it's often the case, for better or worse, that two systems don't share a connection to a central auth server.
This spec appears to outline how a user logged into one is automatically logged into another using cryptographically signed tokens.
Appendix A: Use Cases offers several examples.
I wrote a much more narrative version of what this is useful for here: https://aaronparecki.com/2025/05/12/27/enterprise-ready-mcp
It isn't exclusive to MCP; it applies to any regular OAuth connection between apps under the same enterprise IdP too, but MCP is a topical example at the moment.