AI Memory with Boundaries: How Spydr Used Stytch to Power their MCP Server

Spydr is building a Universal Context Layer for AI, an engine that collects and structures your digital footprint (videos, bookmarks, files, app activity) so AI agents can actually understand you. At the heart of it, is a Model Context Protocol (MCP) server powered by Stytch—a backend that enables scoped, per-user memory access without brittle tokens or pasted secrets, making memory securely shareable across AI interfaces.

The Limits of In-House OAuth

Like a lot of early teams, Spydr initially tried to build authentication in-house. With limited engineering bandwidth, they attempted to roll their own OAuth server—something quick and functional to get early users in the door. But the system quickly showed its limits. It was fragile, hard to extend, and full of edge cases. Every new integration or memory access flow required manually managing tokens, scopes, and client configurations.

The team came across Cloudflare’s documentation on the Model Context Protocol—a proposed standard for how AI agents should interface securely with memory systems. It included a list of identity providers that could support the flow, but Stytch stood out immediately thanks to its clear guides and working examples.

Why Stytch Was the Right Fit

To power a Model Context Protocol-compliant server, Spydr needed more than just a user login flow—they needed identity and access infrastructure that could scale with the complexity of AI-driven memory. That meant:

• Automatically provisioning isolated clients whenever a user connected a new AI agent
• Enforcing per-user memory access without relying on global secrets or long-lived tokens
• Handling secure communication between backend services
• And doing all of it without slowing down a lean team moving fast

Stytch delivered on all of those needs with a backend-native API surface, strong developer tooling, and real-time support that kept things unblocked. The ability to dynamically register OAuth clients wasn’t just helpful—it was essential. Every AI agent needed a secure, scoped view of a user’s memory, and Stytch made that not only possible, but seamless.

Integration, Without the Headaches

Spydr swapped out their homegrown setup and plugged in Stytch to handle the critical pieces of authentication across their stack:

• Dynamic OAuth client registration to generate scoped access for each AI agent
• Machine-to-Machine (M2M) tokens to handle auth between internal services
• Token introspection APIs to validate and control access at runtime

What used to be a messy tangle of tokens and manual configuration became clean, maintainable, and scalable. Just as importantly, the integration didn’t slow them down—it helped them ship their MCP server faster and more securely than expected.

The Result: A Functional, Secure MCP Server

With Stytch handling authentication and identity, Spydr successfully launched one of the first Model Context Protocol-compliant servers—a system where memory access is scoped per user and every agent interaction is securely isolated by design.

Instead of juggling bearer tokens or relying on global secrets, AI agents interfacing with Spydr now authenticate through dynamically generated, user-specific OAuth clients. Access is cleanly bounded to each user’s context, and there’s no risk of memory bleed between sessions or agents.

This structure doesn’t just improve security; it ensures a smoother experience for consumers using Spydr. By handling low-level auth logistics behind the scenes, users can simply connect, receive scoped credentials, and start interacting with their memory layer without friction

What’s Next for Spydr

With the core MCP server live, Spydr is building out more: support for richer modalities like video, social sharing and remixing of memory projects, and eventually open-sourced memory graphs.

Because the access layer is fully abstracted and secure, the team can now focus entirely on product velocity without worrying about how to manage tokens, scopes, or clients across thousands of AI integrations.