The Evolution of the Model Context Protocol Toward the Enterprise

The Model Context Protocol (MCP) has become the de facto standard for connecting AI agents with enterprise tools. However, its mass adoption faced a critical obstacle: the lack of a granular authorization layer that would allow companies to control what data and actions agents could execute. Now, that missing piece has arrived.

What Changes with This New Layer?

The new authorization layer introduces a policy-based model that allows administrators to define specific permissions for each agent and tool. For example, an HR agent can access payroll data but cannot modify contracts. This is made possible by a contextual token system that integrates with existing identity providers such as Okta or Azure AD.

Impact for SysAdmins and DevOps

For infrastructure teams, this update means they can deploy AI agents without compromising security. Policies are defined in YAML or JSON, versioned with Git, and audited in real time. Additionally, the need for custom proxies to control access is eliminated, reducing operational complexity.

Related: AI Agent for HR: Gusto Launches a 'Co-founder' That Automates Payroll Without Waiting for Instructions

Business Implications

With this authorization layer, companies can scale the use of AI agents with confidence. Sectors such as finance, healthcare, and human resources, where data privacy is critical, can now automate processes without exposing sensitive information. The promise of autonomous AI is moving closer to enterprise reality.

Read also: Enterprise AI: The Gap Between Promised SLAs and Contractual Reality That Companies Must Address

Source: The New Stack. ForgeNEX Analysis.