WSO2 Changelog

Asgardeo now offers enhanced support for standards-based authorization within the Model Context Protocol (MCP). MCP clients can be easily registered as applications in Asgardeo, utilizing a preconfigured template that aligns with the recommended identity configurations specified in the MCP standard.

Furthermore, MCP servers can be registered as protected resources. This allows for granular control over access to the MCP servers themselves, as well as their associated tools and resources. Organizations can define specific permissions for MCP tools and resources within registered MCP servers, thereby reflecting various access levels. This enables the authorization of MCP client applications to access these resources and the granting of user access through Role-Based Access Control (RBAC).

These capabilities streamline MCP integrations, ensure consistent authorization rules, and guarantee that only the appropriate clients and users have access to the necessary resources.

Documentation:

• https://wso2.com/asgardeo/docs/guides/authorization/mcp-server-authorization/
• https://wso2.com/asgardeo/docs/guides/applications/register-mcp-client-app/