Prove that MCP clients, gateways, and servers from different vendors can secure AI agents together — within and across enterprises.
The OpenID Foundation's Artificial Intelligence Identity Management Community Group (AIIM CG) is running an interoperability event to show that Model Context Protocol (MCP) flows can be secured with open identity standards. Taking place at the Gartner Identity & Access Management Summit 2026 in Las Vegas, the AIIM CG is inviting implementers to take part.
MCP is being adopted quickly to connect AI agents to enterprise tools, services and data. As agents begin to act on behalf of people and organizations, there are three key questions that matter most - which agent is this, what is it allowed to do, and does that still apply when it crosses into another organization?
Open identity standards already answer versions of these questions for humans and workloads. The interoperability event at Gartner will show they can be applied to MCP, and that implementations from different vendors work together when they do.
What it will prove
The event will demonstrate how customers can apply identity based controls to secure MCP flows within an enterprise and across enterprises, using standards drawn from the core MCP specification, MCP extensions, or elsewhere.
The point is interoperability. When these standards are implemented correctly, an organization can choose its own MCP clients, gateways and servers and expect the security properties to hold, regardless of which products it picks.
The uses cases and standards in scope
The testing focuses on two scenarios:
- Agent governance - ensuring that only authorized agents can reach enterprise resources.
- Cross-organizational identity assurance - ensuring that an agent in one organization can access MCP servers in another.
Participants will test interoperability across the following:
- OAuth 2.1 - the baseline authorization framework for the flows.
- OAuth Client ID Metadata Document (CIMD) - an IETF draft standard that lets a client identify itself by URL without prior registration. Here it is used to confirm which agent is making the request.
- Enterprise Managed Authorization: Based on the Identity Assertion JWT Authorization Grant, which is in turn based on ID-Chaining. This ensures identities are conveyed securely across organizational boundaries. It provides seamless access to cross-organizational MCP servers without requiring the user to relogin.
How the flow works
Once MCP clients, authorization servers and MCP servers are in place:
- The MCP Client uses CIMD to obtain an OAuth 2.1 access token.
- The MCP Client uses the access token to access an internal MCP server
- The MCP Client performs an EMA token exchange to obtain an ID-JAG
- The MCP Client exchanges the ID-JAG with the OAuth AS in a third-party enterprise to obtain an OAuth 2.1 access token that works for the MCP server in that enterprise.
- The MCP Client communicates using the obtained OAuth token with the MCP server either in the same enterprise or in the third-party enterprise.
See the detailed test plan here.
Taking part in testing
Participants take at least one role, either MCP client, OpenID Provider, OAuth authorization server, MCP gateway, or MCP server. They must test at least one interaction with another participant in a complementary role. For example, a client testing CIMD against an authorization server.
Each participant keeps their own interoperability matrix, recording which standards they tested and with how many partners. Both sides agree the result before it's submitted, and the AIIM CG consolidates these into the published results - a clear, evidenced record of what interoperated with what.
Get involved
- Interested parties are encouraged to join the AIIM CG's weekly information calls to learn more before committing. Add this meeting to your calendar to participate.
- Participants must commit by end of the day, Pacific Time, on 10 August 2026. Participation is open to all, and free. Participants may commit by emailing the OpenID AIIM CG co-chair, Atul Tulshibagwale, at atul.tulshibagwale@crowdstrike.com.
- The AIIM CG will then host weekly calls designed to support the participants, enable them to ask questions, and schedule mutual interoperability tests with other participants.
- By 16 October, participants must be able to show at least one successful test with a partner, for at least one use case. They are encouraged to keep adding interoperability use cases to their matrix right up until the Gartner IAM Summit in December
The results will be presented by Atul Tulshibagwale of the OpenID Foundation and Erik Wahlström from Gartner during Gartner IAM Summit. A limited number of successful participants will also be given the opportunity to demonstrate their implementations. The AIIM CG will publish guidance on how demonstration slots are prioritized ahead of the commitment date.
Paul Carleton, Core Maintainer of MCP, said: “Anyone deploying agents at enterprise scale hits the challenges this event is testing: agent governance, and identity that survives crossing organizational boundaries. I look forward to seeing implementations from across the ecosystem prove standards like CIMD and ID-JAG work together.”
Atul Tulshibagwale, co-chair of the OpenID AIIM CG, and Senior Director, Continuous Identity Strategy at CrowdStrike, said: ”Agent governance, and cross-organizational identity assurance and seamless access are important problems that enterprises are grappling with as they deploy MCP based AI agents. This interoperability event provides an amazing venue where Gartner IAM Summit attendees can see this in action from multiple implementers.”
Erik Wahlström, VP Analyst, IAM at Gartner, said: “The industry has made significant progress in defining IAM standards for AI agents. Now it's time to prove they work. This initiative validates interoperability across implementations and helps accelerate deployment across the IAM ecosystem. We're pleased to provide a venue for the community to engage with this important work and see these standards put to the test.”
About the OpenID Foundation
The OpenID Foundation (OIDF) is a global open standards body committed to building trusted identity ecosystems. Our mission is to lead the global community in identity standards that are secure, interoperable, and privacy respecting. Founded in 2007, we are a community of technical experts. The Foundation's OpenID Connect standard is now used by billions of people across millions of applications. More recently, the FAPI security profile - built on OAuth 2.0 - has become the standard of choice for interoperable Open Banking and Open Data implementations, while OpenID for Verifiable Credentials specifications are underpinning a new generation of digital wallets. Today, the OpenID Foundation's standards are the connective tissue that enable people to assert their identity and access their data at scale, the scale of the internet, enabling "networks of networks" to interoperate globally. Individuals, companies, governments and non-profits are encouraged to join or participate. Find out more at openid.net.
