MCP is becoming the standard protocol for agent-to-tool communication. We've added MCP as a native tool provider type — agents can now source tools from any MCP server, with Scalekit handling auth via Dynamic Client Registration, full token lifecycle management, and BYOA identity propagation. MCP auth is no longer a developer problem.

A developer ships an agent connecting to a company's internal HR MCP server. Instead of building OAuth plumbing, they register the MCP server with Scalekit. Scalekit handles DCR-based client registration, issues tokens with the org's BYOA claims embedded, and manages refresh transparently. When the HR MCP server receives the tool call, it sees a properly scoped token carrying the employee's org identity — no additional token exchange needed.

For public MCP clients using CIMD: zero-config connection setup. The MCP client self-registers and retrieves its OAuth configuration dynamically. No pre-provisioned client ID required.

What's included

• DCR-based client registration baked in — no manual OAuth app setup per MCP server.
• BYOA custom claims and org roles flow through MCP access tokens without extra token exchange.
• CIMD support enables zero-config MCP client connections.
• Consent screen shows branded org identity — users see who is requesting access, not raw IDs.