Tag: mcp
All the articles with the tag "mcp".
-
XAA and EMA: Field Notes and Insights
Field notes from running Cross-App Access end to end: everything you need is optional, and there is no playbook yet.
-
Agents Need Their Own Accounts
Why AI agents fit neither human accounts nor service accounts: they execute work long after authorization was granted, alternating between delegated and independent authority. Makes the case for first-class agent identities that keep principal, actor, and delegation chain explicit.
-
Six Small Fixes That Make MCP Authorization Less Weird
An identity practitioner's read of the six authorization SEPs in the MCP 2026-07-28 release candidate. Small, unglamorous fixes are exactly what mature protocol work looks like: by converging on proven OAuth and OIDC patterns, this release brings MCP authorization a big step closer to stability and enterprise readiness.
-
My Development Workflow 2026-Q1 Edition
A tour of my agentic development workflow in five phases: brainstorm, design, plan, code, and review plus improve. Covers Cursor and Claude Code with Superpowers skills, AGENTS.md files, parallel worktrees, the MCP servers I rely on daily, and what a good day of mostly-autonomous software delivery actually looks like.
-
Authorization in a Shifting Maze
Why authorization tooling is straining in the AI era: OPA policies that grow slow and unexplainable past a few dozen rules, ReBAC systems like SpiceDB that trade flexibility for a queryable graph, and AI agents that sit inside the perimeter with no gateway in the loop, pushing us toward dynamic, function-level, context-aware authorization through protocols like MCP and A2A.