/
Contact usSee pricingStart building

    About B2B Saas Authentication

    Introduction
    Stytch B2B Basics
    Integration Approaches
      Full-stack overview
      Frontend (pre-built UI)
      Frontend (headless)
      Backend
    Next.js
      Routing
      Authentication
      Sessions
    Migrations
      Overview
      Reconciling data models
      Migrating user data
      Additional migration considerations
      Zero-downtime deployment
      Defining external IDs for members
      Exporting from Stytch
    Custom Domains
      Overview

    Authentication

    Single Sign On
    • Resources

      • Overview
        External SSO Connections
        Standalone SSO
    • Integration Guides

      • Start here
        Backend integration guide
        Headless integration guide
        Pre-built UI integration guide
    OAuth
    • Resources

      • Overview
        Authentication flows
        Identity providers
        Google One Tap
        Provider setup
    • Integration Guides

      • Start here
        Backend integration
        Headless frontend integration
        Pre-built UI frontend integration
    Connected AppsBeta
      Setting up Connected Apps
      About Remote MCP Servers
    • Resources

      • Integrate with AI agents
        Integrate with a remote MCP server
    Sessions
    • Resources

      • Overview
        JWTs vs Session Tokens
        How to use Stytch JWTs
        Custom Claims
    • Integration Guides

      • Start here
        Backend integration
        Frontend integration
    Email OTP
      Overview
    Magic Links
    • Resources

      • Overview
        Email Security Scanner Protections
    • Integration Guides

      • Start here
        Backend integration
        Headless frontend integration
        Pre-built UI frontend integration
    Multi-Factor Authentication
    • Resources

      • Overview
    • Integration Guides

      • Start here
        Backend integration
        Headless frontend integration
        Pre-built UI frontend integration
    Passwords
      Overview
      Strength policies
    UI components
      Overview
      Implement the Discovery flow
      Implement the Organization flow
    DFP Protected Auth
      Overview
      Setting up DFP Protected Auth
      Handling challenges
    M2M Authentication
      Authenticate an M2M Client
      Rotate client secrets
      Import M2M Clients from Auth0

    Authorization & Provisioning

    RBAC
    • Resources

      • Overview
        Stytch Resources & Roles
        Role assignment
    • Integration Guides

      • Start here
        Backend integration
        Headless frontend integration
    SCIM
    • Resources

      • Overview
        Supported actions
    • Integration Guides

      • Using Okta
        Using Microsoft Entra
    Organizations
      Managing org settings
      JIT Provisioning

    Testing

    E2E testing
    Sandbox values
Get support on SlackVisit our developer forum

Contact us

B2B Saas Authentication

/

Guides

/

Authentication

/

Connected Apps

/

About Remote MCP Servers

Use Stytch for Remote MCP Server authorization

Introduction

The growing popularity of Artificial Intelligence (AI) and Large Language Models (LLM) has driven an industry-wide trend towards more humanist experiences with our IT tools. Along with this shift there has been a parallel movement in how those tools interact with each other. As AI gets increasingly sophisticated in communicating with us it is simultaneously growing more capable in what it can do for us.

Within the ecosystem of a particular provider interconnectivity often already exists between tools. For example, Google has integrated Gemini in many of its own applications. Users can ask Gemini to create a task, for instance, and Gemini has the capability to create a new item in Google Keep. Apple Intelligence can summarize your emails and help you respond in Apple Mail. AI that can take actions on behalf of users instead of simply talking to them is a clear direction of progress.

The ability to bring this type of interconnectedness to the ecosystem at large has huge potential benefits for users of AI. This next-generation connectivity between tools has been in active development through a number of different means, but one promising specification that we'll cover here is Anthropic's Model Context Protocol (MCP)

About MCP

MCP is a specification for how AI agents can communicate with, and discover the capabilities of, servers which implement specific functionality. Whereas an LLM may not natively have the capability to perform certain actions, such as sending email, if it can communicate with an MCP server that advertises this capability it is empowered to delegate the implementation of email sending to that server. Naturally, this type of interaction can extend beyond email to whatever services implementers wish to create.

For a short while, MCP was a local-to-machine protocol that enabled a federation of locally hosted services to operate together. The success of this model has inspired a major upcoming extension, Remote MCP, which is poised to bring this kind of service federation to servers across the Internet.

Authorization and authentication becomes increasingly important as MCP becomes remote and servers become publicly available on the Internet. Stytch supports handling the auth process for MCP servers to create a seamless experience for securing access to their services.

Authorization with MCP

From the purposes of implementing authorization with Stytch, MCP servers are a type of Connected App. Stytch supports enabling Dynamic Client Registration in the Connected Apps dashboard. This means, rather than configuring a client app manually, remote MCP Servers can add themselves as a client app in Stytch. After the app registers it operates as a standard Connected Apps client in Stytch, including user management and, when developing a B2B app, Role-Based Access Control.

Remote MCP Servers with Cloudflare

MCP is designed as a Remote Procedure Call (RPC) interprocess communication between applications which originally were running on the same machine using standard interprocess communication methods. This provides an efficient and responsive experience between the MCP client and server. Remote MCP extends this concept by using HTTP as a transport layer with Server-Sent Events and HTTP POST requests to exchange messages.

This is different from HTTP's base idioms and there are few out-of-the-box tools and web services that yet operate according to this protocol. To provide a foundation for creating MCP servers Cloudflare has implemented Remote MCP servers as Cloudflare workers. This is one of the fastest and easiest ways to create a responsive and always-available serverless remote MCP server which can serve requests to the LLM / MCP Client of your choice. This server can then handle the incoming request in a number of ways, such as connecting to other web services to implement functionality for the LLM.

Introduction

About MCP

Authorization with MCP

Remote MCP Servers with Cloudflare