security

A super-quick overview of the new MCP authorization specification and how it improves security and flexibility for MCP servers.

Fix that annoying issue where authentication windows appear behind your MCP client by implementing smarter window handle discovery. This walkthrough shows you how to properly parent WAM dialogs to VS Code, Claude Desktop, and other MCP clients.

Implement secure, enterprise-ready Model Context Protocol (MCP) servers protected by Entra ID authentication using Azure API Management and Azure Functions. This complete guide walks you through creating a confidential client architecture that protects sensitive tokens while enabling secure LLM tool access.

Learn how to authenticate local Model Context Protocol servers with Entra ID using Windows Web Account Manager (WAM). This practical guide shows how to implement interactive user authentication in local MCP servers without complex OAuth flows.

The Model Context Protocol introduces familiar security challenges we’ve seen before. Let’s not ignore them and step on the same rakes millions stepped on before.

Learn how to configure Azure Functions with Easy Auth to acquire tokens for Azure Resource Manager instead of Microsoft Graph, allowing secure API access with proper audience and scopes.

Learn how to implement secure authentication for MCP servers using Microsoft Entra ID with session-based tokens. This improved approach uses confidential clients and JWT session tokens for better security than public client methods.

Learn how to integrate Microsoft Entra ID authentication with Model Context Protocol (MCP) servers. This step-by-step guide explores the challenges and solutions for implementing OAuth-based flows between AI tools and MCP servers, with practical code examples.

Learn how Microsoft Entra ID’s flexible Federated Identity Credentials eliminate the need for secrets when connecting services across platforms. This practical guide shows you how to securely authenticate GitHub Actions workflows to Azure resources without storing credentials.

Experian, the multinational consumer credit reporting and data aggregator company, is planning to sell off more of your data to third-parties starting February 5, 2025.