The Model Context Protocol (MCP) is rapidly becoming the backbone for AI-based systems that need access to external data, but with great power comes great responsibility, especially when securing server implementations. In this conversation with Nate and Wils, founding engineers at Arcade.dev, we’ll explore advanced security patterns for MCP servers, from OAuth 2.1 flows and token validation to defending against confused deputy attacks, session hijacking, and token passthrough vulnerabilities. We’ll also highlight how all of this accrues to the emerging agentic space, where the interactions are no longer constrained to humans in the loop.
The Model Context Protocol now fully embraces OAuth 2.1 conventions, bringing mature authorization patterns to AI agent ecosystems. Rather than inventing new auth mechanisms, MCP adopted proven OAuth flows, dynamic client registration, and the brand-new Protected Resource Metadata conventions. This session explores how the new spec significantly simplifies the developer experience for both MCP client and server implementers and gives developers more flexibility in integrating with existing authorization servers.