






























The OpenID Foundation's Artificial Intelligence Identity Management Community Group (AIIM CG) is running an interoperability event to show that Model Context Protocol (MCP) flows can be secured with open identity standards. Taking place at the Gartner Identity & Access Management Summit 2026 in Las Vegas, the AIIM CG is inviting implementers to take part.
MCP is being adopted quickly to connect AI agents to enterprise tools, services and data. As agents begin to act on behalf of people and organizations, there are three key questions that matter most - which agent is this, what is it allowed to do, and does that still apply when it crosses into another organization?
Open identity standards already answer versions of these questions for humans and workloads. The interoperability event at Gartner will show they can be applied to MCP, and that implementations from different vendors work together when they do.
The event will demonstrate how customers can apply identity based controls to secure MCP flows within an enterprise and across enterprises, using standards drawn from the core MCP specification, MCP extensions, or elsewhere.
The point is interoperability. When these standards are implemented correctly, an organization can choose its own MCP clients, gateways and servers and expect the security properties to hold, regardless of which products it picks.
The testing focuses on two scenarios:
Participants will test interoperability across the following:
Once MCP clients, authorization servers and MCP servers are in place:
See the detailed test plan here.
Participants take at least one role, either MCP client, OpenID Provider, OAuth authorization server, MCP gateway, or MCP server. They must test at least one interaction with another participant in a complementary role. For example, a client testing CIMD against an authorization server.
Each participant keeps their own interoperability matrix, recording which standards they tested and with how many partners. Both sides agree the result before it's submitted, and the AIIM CG consolidates these into the published results - a clear, evidenced record of what interoperated with what.
The results will be presented by Atul Tulshibagwale of the OpenID Foundation and Erik Wahlström from Gartner during Gartner IAM Summit. A limited number of successful participants will also be given the opportunity to demonstrate their implementations. The AIIM CG will publish guidance on how demonstration slots are prioritized ahead of the commitment date.
Paul Carleton, Core Maintainer of MCP, said: “Anyone deploying agents at enterprise scale hits the challenges this event is testing: agent governance, and identity that survives crossing organizational boundaries. I look forward to seeing implementations from across the ecosystem prove standards like CIMD and ID-JAG work together.”
Atul Tulshibagwale, co-chair of the OpenID AIIM CG, and Senior Director, Continuous Identity Strategy at CrowdStrike, said: ”Agent governance, and cross-organizational identity assurance and seamless access are important problems that enterprises are grappling with as they deploy MCP based AI agents. This interoperability event provides an amazing venue where Gartner IAM Summit attendees can see this in action from multiple implementers.”
Erik Wahlström, VP Analyst, IAM at Gartner, said: “The industry has made significant progress in defining IAM standards for AI agents. Now it's time to prove they work. This initiative validates interoperability across implementations and helps accelerate deployment across the IAM ecosystem. We're pleased to provide a venue for the community to engage with this important work and see these standards put to the test.”
The OpenID Foundation (OIDF) is a global open standards body committed to building trusted identity ecosystems. Our mission is to lead the global community in identity standards that are secure, interoperable, and privacy respecting. Founded in 2007, we are a community of technical experts. The Foundation's OpenID Connect standard is now used by billions of people across millions of applications. More recently, the FAPI security profile - built on OAuth 2.0 - has become the standard of choice for interoperable Open Banking and Open Data implementations, while OpenID for Verifiable Credentials specifications are underpinning a new generation of digital wallets. Today, the OpenID Foundation's standards are the connective tissue that enable people to assert their identity and access their data at scale, the scale of the internet, enabling "networks of networks" to interoperate globally. Individuals, companies, governments and non-profits are encouraged to join or participate. Find out more at openid.net.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。