MCP Enterprise Architecture That Actually Works: The Complete Reference Guide

The final post in Obot’s 10-part series on enterprise MCP. Pull together identity, access, audit, and data layers into a single reference architecture — with a checklist to evaluate where you are and what’s left to build.

Read More

MCP PII Data Security: How Tool Calls Leak PII and How to Stop It

MCP tool calls can silently expose sensitive data. Learn how PII leaks into LLM context and how to prevent it with control plane filtering.

Read More

MCP Prompt Injection: Why Your AI Agents Can’t Defend Against It Alone

MCP prompt injection is a structural risk for AI agents. Learn how attackers exploit autonomous tool retrieval and how to defend with layered infrastructure controls.

Read More

Fine-Grained MCP Access Control: Beyond Server-Level Permissions

Server-level MCP access control isn’t enough. Learn how tool-level permissions, IdP-mapped registries, and agent-scoped tool sets enforce least privilege at enterprise scale.

Read More

What Your Security Team Will Ask Before Approving MCP in Production

Preparing for MCP enterprise security review? Here is every question your security team will ask about access controls, audit logs, credentials, and data and how to answer them.

Read More

MCP Enterprise IdP Integration for Third-Party Servers

Learn how to navigate MCP enterprise IdP integration, enabling efficient access for your team while reducing infrastructure burden.

Read More

MCP Token Security: Why Your Clients Shouldn’t Hold OAuth Tokens

Understand MCP token security and learn how to effectively manage OAuth access tokens after client authentication.

Read More

MCP Dynamic Client Registration: Why it Matters and How To Accomplish it with Entra

MCP Dynamic Client Registration is required by the MCP spec, but Microsoft Entra ID does not support it. Here’s what that means for enterprise deployments—and the control plane pattern that bridges the gap.

Read More

MCP Identity Management at Enterprise Scale: Solving the OAuth Sprawl Problem

Learn how to navigate MCP identity management challenges with insights for managing multiple servers effectively.

Read More

Why MCP Authentication Is Harder Than It Looks

MCP development starts fast. Then you hit OAuth. Here’s what production-ready MCP authentication actually requires — and why the complexity multiplies when you’re running more than one server.

Read More