Agentic identity for MCP servers: what changes for IAM teams?


(@nhi-mgmt-group)

TL;DR: Descope’s Agentic Identity Hub and MCP auth SDKs show how OAuth 2.1, PKCE, dynamic client registration, and lifecycle controls are being adapted for AI agents and remote MCP servers, according to WorkOS. The deeper issue is that agentic identity turns delegated access, consent, and revocation into continuous governance problems rather than one-time integrations.

NHIMG editorial — based on content published by WorkOS: Descope for AI Agent Security: Features, Pricing, and Alternatives

Questions worth separating out

Q: How should security teams govern AI agents that connect to multiple SaaS tools?

A: Security teams should govern each agent as a distinct non-human identity with its own owner, scopes, lifecycle state, and revocation path.

Q: What breaks when AI agent access is treated like a normal app integration?

A: What breaks is accountability.

Q: How do organisations know if agentic identity controls are actually working?

A: They should look for auditable consent histories, fast revocation, accurate scope logging, and blocked-request telemetry that matches policy.

Practitioner guidance

  • Map every agent to an accountable owner. Assign a named business and technical owner for each agent, MCP server, and outbound integration.
  • Separate onboarding from runtime authority. Treat initial consent as the start of governance, not the end.
  • Review agent-to-tool relationships individually. Do not certify an agent as a single identity if it has multiple third-party connections.

What's in the full article

WorkOS's full article covers the operational detail this post intentionally leaves for the source:

  • Pricing tier differences across Free, Pro, Growth, and Enterprise plans for teams modelling MAU impact.
  • Feature-by-feature comparison of Descope and WorkOS for B2B SaaS authentication and MCP authorization.
  • Implementation detail on WorkOS AuthKit for MCP, including bridge mode and OAuth server metadata.
  • Product and platform positioning for teams deciding between broad CIAM coverage and narrower enterprise auth focus.
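
One way to test the "blocked-request telemetry that matches policy" check and the per-connection review from the guidance above, as an added example that is not from the post, WorkOS, or Descope. The inventory fields, log format, agent names, and owner names are constructed assumptions; each record is one agent-to-tool connection rather than one agent.

```python
from datetime import datetime

# Constructed inventory: one record per agent-to-tool connection (field names are assumptions).
CONNECTIONS = {
    ("agent-billing", "crm"): {"owner": "a.lee", "scopes": {"contacts.read"}, "revoked_at": None},
    ("agent-billing", "drive"): {"owner": "a.lee", "scopes": {"files.read"},
                                 "revoked_at": "2025-03-01T10:00:00"},
    ("agent-support", "crm"): {"owner": None, "scopes": {"contacts.read"}, "revoked_at": None},
}

# Constructed decision log, one line per request: timestamp agent tool scope decision
LOG = """\
2025-03-01T09:00:00 agent-billing crm contacts.read allow
2025-03-01T09:05:00 agent-billing crm contacts.write allow
2025-03-01T09:10:00 agent-billing drive files.read allow
2025-03-01T10:30:00 agent-billing drive files.read allow
2025-03-01T10:31:00 agent-billing drive files.read deny
2025-03-01T11:00:00 agent-support crm contacts.read allow
2025-03-01T11:05:00 agent-ghost crm contacts.read allow
2025-03-01T11:06:00 agent-billing crm contacts.read deny
"""

def unowned(connections):
    """Connections with no accountable owner recorded."""
    return sorted(key for key, rec in connections.items() if not rec["owner"])

def expected_decision(connections, agent, tool, scope, when):
    """What policy says should happen for this request, with the reason."""
    rec = connections.get((agent, tool))
    if rec is None:
        return "deny", "unregistered-connection"
    if rec["revoked_at"] and when >= datetime.fromisoformat(rec["revoked_at"]):
        return "deny", "revoked"
    if scope not in rec["scopes"]:
        return "deny", "scope-not-granted"
    return "allow", "in-policy"

def audit(connections, log_text):
    """Return (line, observed, expected, reason) for each log line that disagrees with policy."""
    findings = []
    for n, line in enumerate(log_text.splitlines(), 1):
        ts, agent, tool, scope, observed = line.split()
        expected, reason = expected_decision(
            connections, agent, tool, scope, datetime.fromisoformat(ts))
        if observed != expected:
            findings.append((n, observed, expected, reason))
    return findings

if __name__ == "__main__":
    print("connections without owner:", unowned(CONNECTIONS))
    for finding in audit(CONNECTIONS, LOG):
        print(finding)
```

An allow that policy would deny points to an enforcement gap (over-broad scope, slow revocation, or an unregistered agent), while a deny that policy would allow points to stale inventory or policy drift.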
