MintMCP Fireside Chat with Aaron Parecki of Okta
About the event
Join us for a conversation between Jiquan Ngiam (MintMCP) and Aaron Parecki (Okta) on Giving AI agents safe access to every enterprise app
Most AI agents get into enterprise apps the sketchy way: a user pastes in a long-lived token, clicks through a series of OAuth and login prompts, and from that point on IT has no idea what the agent can touch. That works for one person and one tool. It falls apart the moment a whole company wants its agents reaching Salesforce, Confluence, GitHub, and a dozen other systems.
Enterprise-Managed Authorization, the latest advancement in the MCP spec, closes that gap at the identity layer, so an agent's access is granted, scoped, and revoked the same way every other enterprise login is. Once you connect to an MCP, the preconfigured MCP servers are already connected: no manual setup, no consent screens. It's not every day you get to improve usability and security at the same time.
Under the hood, this is the Cross App Access (XAA) pattern, built on the Identity Assertion JWT Authorization Grant being standardized in the OAuth working group at the IETF. Figuring out how agents get user tokens for connected apps gets messy fast, and this extension lets us skip the auth flows while improving security and observability. We're excited to support it in MintMCP so it works across every agent you use, from Claude, Cursor, and ChatGPT to internal custom agents, with your IdP.
MintMCP serves as the governance layer for MCP infrastructure, managing which servers can operate, enforcing access controls, and providing audit visibility across AI-driven workflows.
Okta serves as the identity layer for the enterprise, verifying every user and agent, governing the apps they can access, and extending those controls to AI through Cross App Access.
About the Speakers
Aaron Parecki is Director of Identity Standards at Okta, where he shapes the open protocols that govern how apps and AI agents access enterprise data. He maintains oauth.net, authored "OAuth 2.0 Simplified," and serves as an editor in the IETF OAuth Working Group, including the Cross App Access (XAA) work now defining how agents authenticate in production.
Jiquan Ngiam is CEO & Co-Founder of MintMCP, an AI agent governance platform that lets teams build securely on AI platforms. He is co-author of "Securing the Model Context Protocol: Risks, Controls, and Governance" and runs 20+ AI agents on MintMCP's product platform, giving him firsthand experience navigating the security challenges of production-grade agent deployments.
By submitting your information, you agree to share your data with and be contacted by MintMCP about their services. Your information will be processed in accordance with our privacy policy.