If you have rolled out Claude across a team, you know the friction: every MCP connector required each user to go through their own OAuth flow. Figma needed approval. Atlassian needed approval. Asana needed approval. Multiply that across a hundred-person team, add onboarding cycles, and you have an IT headache that causes AI deployments to stall before they ever generate value.

Anthropic addressed this last week. On June 18, the Model Context Protocol ecosystem reached stable status for Enterprise-Managed Authorization (EMA), a new extension that lets IT admins provision MCP connector access once, centrally, through their identity provider. Okta is the first supported provider at launch.

The feature is live now in beta for Claude Team and Enterprise plans, covering Claude chat, Claude Code, and Cowork.

What Changed

Before EMA, every employee had to independently authorize each MCP server they wanted to connect. That created three compounding problems: onboarding friction for new hires, no central audit trail for security teams, and a messy situation where work and personal credentials could intermix.

EMA flips the model. Admins configure connector access once at the organizational level through Okta’s Cross App Access (XAA) protocol. From that point, employees inherit access automatically on first login. A new hire on day one gets the full set of approved connectors without raising a single IT ticket.

The connectors supported at launch include Asana, Atlassian, Canva, Figma, Granola, Linear, and Supabase, with Slack support coming soon.

Why This Is More Than an IT Announcement

This might read like a plumbing change, but it matters for any business evaluating Claude at scale.

The biggest barrier to enterprise AI deployment has rarely been capability. It is governance. Security teams need to know what data AI tools can access, who authorized it, and where the audit trail lives. When every user manages their own OAuth credentials independently, those questions do not have clean answers.

EMA brings AI tool access into the same identity and access management layer that governs everything else in the organization. For companies running Okta, which describes most mid-to-large enterprises, this removes a genuine procurement blocker. The IT conversation shifts from “users are self-managing credentials we cannot audit” to “access is provisioned through Okta under the same policies as the rest of our stack.”

That is the kind of answer that moves a procurement decision forward.

MCP as Enterprise Infrastructure

This announcement reflects a broader shift happening across the AI space. MCP started as a developer-facing protocol for connecting AI models to external tools. It is becoming connective tissue between enterprise software and AI agents running real work.

Once AI tools live inside the same identity layer as your ERP, your project management suite, and your comms platform, they stop being a shadow IT risk and start being infrastructure. That transition is what Anthropic and the broader MCP consortium are accelerating.

For companies building AI workflows on Claude, whether through custom deployments or direct enterprise plans, the practical implication is shorter rollout timelines and fewer reasons for security teams to say no.

What This Means for Business

If your organization runs Okta and has been evaluating Claude for team or enterprise use, the access management barrier just dropped significantly.

For IT teams: EMA is in beta for Team and Enterprise plans now. If you are an existing Claude customer, the managed connector configuration is available in the admin console.

For business leaders: This addresses the governance concern that has historically caused AI pilots to stall at the procurement stage. Deployments that used to require per-user setup and lacked central oversight can now be rolled out once from the admin level.

For operators building on Claude: Centralized authorization with audit trails is becoming a baseline expectation for enterprise buyers. The ability to demonstrate this governance layer closes deals faster.

Okta is the first identity provider. Additional providers have not been announced yet, but Okta’s penetration across mid-to-large enterprises means the initial rollout already covers a large share of the relevant market.

The friction was real. The fix is practical. That combination is what moves AI deployments from pilot to production.