Figuring out how AI agents get access to enterprise apps gets messy fast.
Static API keys and repeated OAuth flows look fine in a demo, but they completely break down at scale.
Lately, much of my work in the IETF OAuth Working Group has focused on solving this exact bottleneck.
By leveraging the Cross-App Access pattern, built on the Identity Assertion JWT Authorization Grant, we can fundamentally change how agents interact with your stack:
• No more manual OAuth dance: Agents get seamless, scoped access to connected apps entirely behind the scenes. • Centralized IT control: Enterprise admins get the clear visibility, security boundaries, and policy control they actually need.
I’m joining Jiquan Ngiam, CEO of MintMCP, to discuss how this plays out in practice. JQ runs over 20 agents on MintMCP's platform, so we’ll explore what MCP Enterprise-Managed Authorization looks like when deployed across tools like Salesforce, GitHub, and Confluence.
If you work in identity, security, or are currently figuring out how to safely deploy AI agents in your enterprise, come join the conversation.
{
"type": "entry",
"published": "2026-07-08T18:12:49-07:00",
"url": "https://aaronparecki.com/2026/07/08/6/",
"category": [
"xaa",
"oauth",
"okta"
],
"syndication": [
"https://www.linkedin.com/posts/aaronparecki_figuring-out-how-ai-agents-get-access-to-share-7480791052413587456-piwS/?utm_source=share&utm_medium=member_desktop&rcm=ACoAAAF6n2UBIZD-4sM0W4WF1KUgW38CmNh16vU"
],
"content": {
"text": "Figuring out how AI agents get access to enterprise apps gets messy fast. \n\nStatic API keys and repeated OAuth flows look fine in a demo, but they completely break down at scale. \n\nLately, much of my work in the IETF OAuth Working Group has focused on solving this exact bottleneck. \n\nBy leveraging the Cross-App Access pattern, built on the Identity Assertion JWT Authorization Grant, we can fundamentally change how agents interact with your stack: \n\n\u2022 No more manual OAuth dance: Agents get seamless, scoped access to connected apps entirely behind the scenes. \n\u2022 Centralized IT control: Enterprise admins get the clear visibility, security boundaries, and policy control they actually need. \n\nI\u2019m joining Jiquan Ngiam, CEO of MintMCP, to discuss how this plays out in practice. JQ runs over 20 agents on MintMCP's platform, so we\u2019ll explore what MCP Enterprise-Managed Authorization looks like when deployed across tools like Salesforce, GitHub, and Confluence. \n\nIf you work in identity, security, or are currently figuring out how to safely deploy AI agents in your enterprise, come join the conversation. \n\nFree and live on Zoom, Jul 9 at 9am Pacific: https://luma.com/va1tfrnf",
"html": "Figuring out how AI agents get access to enterprise apps gets messy fast. <br /><br />Static API keys and repeated OAuth flows look fine in a demo, but they completely break down at scale. <br /><br />Lately, much of my work in the IETF OAuth Working Group has focused on solving this exact bottleneck. <br /><br />By leveraging the Cross-App Access pattern, built on the Identity Assertion JWT Authorization Grant, we can fundamentally change how agents interact with your stack: <br /><br />\u2022 No more manual OAuth dance: Agents get seamless, scoped access to connected apps entirely behind the scenes. <br />\u2022 Centralized IT control: Enterprise admins get the clear visibility, security boundaries, and policy control they actually need. <br /><br />I\u2019m joining Jiquan Ngiam, CEO of MintMCP, to discuss how this plays out in practice. JQ runs over 20 agents on MintMCP's platform, so we\u2019ll explore what MCP Enterprise-Managed Authorization looks like when deployed across tools like Salesforce, GitHub, and Confluence. <br /><br />If you work in identity, security, or are currently figuring out how to safely deploy AI agents in your enterprise, come join the conversation. <br /><br />Free and live on Zoom, Jul 9 at 9am Pacific: <a href=\"https://luma.com/va1tfrnf\"><span>https://</span>luma.com/va1tfrnf</a>"
},
"author": {
"type": "card",
"name": "Aaron Parecki",
"url": "https://aaronparecki.com/",
"photo": "https://aperture-media.p3k.io/aaronparecki.com/41061f9de825966faa22e9c42830e1d4a614a321213b4575b9488aa93f89817a.jpg"
},
"post-type": "note",
"_id": "48859583",
"_source": "16"
}
{
"type": "entry",
"author": {
"name": "Jared White",
"url": "https://jaredwhite.com/",
"photo": null
},
"url": "https://jaredwhite.com/20260708/my-future-in-software-development",
"published": "2026-07-08T15:57:47-07:00",
"content": {
"html": "<p>I won\u2019t beat around the bush. I\u2019ve never thought of myself as a Software Developer who simply happens to play at being an Artist from time to time on the side.</p>\n\n<p><strong>I\u2019ve always seen myself as an Artist.</strong></p>\n\n<p>The fact I happen to make my living as an engineer is a quirk of fate and necessity. Some would call it very lucky. And I suppose, for a while, I <em>was</em> indeed pretty lucky.</p>\n\n<p>I\u2019ve spent the bulk of my career attempting to do relatively few \u201cengineer\u201d things while still making a living as a software developer. I worked for myself <a href=\"https://jaredwhite.com/tag/freelancing\">#freelancing</a> instead of as a full-time employee. I prioritized <a href=\"https://jaredwhite.com/tag/remotework\">#RemoteWork</a> rather than move to Silicon Valley or Seattle or New York or Austin. And I\u2019ve avoided becoming entangled with Big Tech at all costs in favor of\u2026well, virtually anyone else. I\u2019ve had clients who are small businesses, non-profits, agencies partnered with local municipalities, bootstrapped startups, churches, museums, and schools.</p>\n\n<p><strong>Did I screw myself in the end?</strong></p>\n\n<p>Did I miss out big time in not casting my scruples aside and getting a string of high-paying jobby-jobs in Mountain View or Redmond or Round Rock?</p>\n\n<p>Objectively, perhaps not. A <em>lot</em> of developers are struggling right now\u2014I know this for a fact. I don\u2019t think I\u2019m <em>uniquely</em> in a difficult predicament.</p>\n\n<p>And it\u2019s not like there aren\u2019t plenty of other industries where the work itself might be rewarding but the \u201cjob\u201d (aka everything else attached to the role) rather sucks.</p>\n\n<p>Yet\u2026apart from my work in open source such as the <a href=\"https://jaredwhite.com/tag/bridgetown\">#Bridgetown</a> web framework in Ruby, and <a href=\"https://www.whitefusion.studio/portfolio\">a handful of truly wonderful projects</a> I\u2019ve been privileged to work on over the years, I can\u2019t help but wonder if I\u2019m reaching the end of the line, as it were. The longer I try to straddle the fence between Artist and Engineer, the more both may suffer.</p>\n\n<p><strong>My greatest fear is if I were to fully embrace the Engineer in me as a way to survive this terrible job market, I will lose the Artist forever.</strong></p>\n\n<p>Yet the opposite is also scary: if I were to embrace the Artist as a way to live fully true to myself, I will lose nearly everything else by sliding into poverty.</p>\n\n<p>I don\u2019t mean to sound dramatic, but the truth is I\u2019ve lived most of my life with some kind of active tension between these two poles, and with everything going on in the world right now, that tension feels like it\u2019s ratcheting up to the point of breaking utterly.</p>\n\n<p><strong>I fear The Snap.</strong> \ud83d\ude31</p>\n\n<p>And that, more than anything, is a source of genuine existential dread for me right now. I\u2019ve managed to get by for a very long time without compromising my values too much. I may not have much in the way of monetary assets, but I sleep well at night.</p>\n\n<p><em>I wonder if I\u2019m no longer afforded that luxury.</em></p>\n\n<p>The struggle is real.</p>\n\n<p>P.S. <a href=\"https://jaredwhite.com/cv/\">The rumors are true: I\u2019m available for hire!</a> \ud83d\ude05</p>",
"text": "I won\u2019t beat around the bush. I\u2019ve never thought of myself as a Software Developer who simply happens to play at being an Artist from time to time on the side.\n\nI\u2019ve always seen myself as an Artist.\n\nThe fact I happen to make my living as an engineer is a quirk of fate and necessity. Some would call it very lucky. And I suppose, for a while, I was indeed pretty lucky.\n\nI\u2019ve spent the bulk of my career attempting to do relatively few \u201cengineer\u201d things while still making a living as a software developer. I worked for myself #freelancing instead of as a full-time employee. I prioritized #RemoteWork rather than move to Silicon Valley or Seattle or New York or Austin. And I\u2019ve avoided becoming entangled with Big Tech at all costs in favor of\u2026well, virtually anyone else. I\u2019ve had clients who are small businesses, non-profits, agencies partnered with local municipalities, bootstrapped startups, churches, museums, and schools.\n\nDid I screw myself in the end?\n\nDid I miss out big time in not casting my scruples aside and getting a string of high-paying jobby-jobs in Mountain View or Redmond or Round Rock?\n\nObjectively, perhaps not. A lot of developers are struggling right now\u2014I know this for a fact. I don\u2019t think I\u2019m uniquely in a difficult predicament.\n\nAnd it\u2019s not like there aren\u2019t plenty of other industries where the work itself might be rewarding but the \u201cjob\u201d (aka everything else attached to the role) rather sucks.\n\nYet\u2026apart from my work in open source such as the #Bridgetown web framework in Ruby, and a handful of truly wonderful projects I\u2019ve been privileged to work on over the years, I can\u2019t help but wonder if I\u2019m reaching the end of the line, as it were. The longer I try to straddle the fence between Artist and Engineer, the more both may suffer.\n\nMy greatest fear is if I were to fully embrace the Engineer in me as a way to survive this terrible job market, I will lose the Artist forever.\n\nYet the opposite is also scary: if I were to embrace the Artist as a way to live fully true to myself, I will lose nearly everything else by sliding into poverty.\n\nI don\u2019t mean to sound dramatic, but the truth is I\u2019ve lived most of my life with some kind of active tension between these two poles, and with everything going on in the world right now, that tension feels like it\u2019s ratcheting up to the point of breaking utterly.\n\nI fear The Snap. \ud83d\ude31\n\nAnd that, more than anything, is a source of genuine existential dread for me right now. I\u2019ve managed to get by for a very long time without compromising my values too much. I may not have much in the way of monetary assets, but I sleep well at night.\n\nI wonder if I\u2019m no longer afforded that luxury.\n\nThe struggle is real.\n\nP.S. The rumors are true: I\u2019m available for hire! \ud83d\ude05"
},
"name": "The Artist Who Accidentally Became an Engineer",
"post-type": "article",
"_id": "48859079",
"_source": "2783"
}
The BC-250 cards that people like me are using to build cheap SteamOS gaming PCs ship with 24 of 40 CUs active. There are OS images that allow you to activate some or all of the CUs, but it’s a roll of the silicon dice. Looks like I got lucky, as my card is running stable with all CUs active. 🍀
{
"type": "entry",
"published": "2026-07-08T06:10:07.342383+00:00",
"url": "https://cleverdevil.io/2026/the-bc-250-cards-that-people-like-me-are",
"syndication": [
"https://cleverdevil.club/@jonathan/116882866672836689",
"https://bsky.app/profile/cleverdevil.io/post/3mq4hi22vmg2n"
],
"content": {
"text": "The BC-250 cards that people like me are using to build cheap SteamOS gaming PCs ship with 24 of 40 CUs active. There are OS images that allow you to activate some or all of the CUs, but it\u2019s a roll of the silicon dice. Looks like I got lucky, as my card is running stable with all CUs active. \ud83c\udf40",
"html": "<p>The BC-250 cards that people like me are using to build cheap SteamOS gaming PCs ship with 24 of 40 CUs active. There are OS images that allow you to activate some or all of the CUs, but it\u2019s a roll of the silicon dice. Looks like I got lucky, as my card is running stable with all CUs active. \ud83c\udf40</p>"
},
"author": {
"type": "card",
"name": "Jonathan LaCour",
"url": "https://cleverdevil.io",
"photo": "https://cleverdevil.io/profile/photo"
},
"post-type": "note",
"_id": "48850050",
"_source": "10"
}