OAuth

Anthropic introduced an MCP extension that lets admins authorize connectors through their identity provider instead of repeated per-user OAuth flows. VS Code added support the same day, which matters because teams can keep connector policy and audit controls in existing enterprise identity systems while reducing setup friction.

Vercel introduced eve in public preview with durable workflows, sandboxed compute, subagents, and evals. It also added Connect and Passport for scoped tokens and identity-gated deployments, giving teams one path for runtime, auth, and enterprise access control.

OpenAI said ChatGPT, Codex, and the Responses API can reach private MCP servers over outbound-only HTTPS without inbound exposure. The same enterprise update adds workload identity federation plus admin controls for spend alerts, allowlists, retention, and hosted tools.

Claude Code 2.1.153 adds skipLfs for Git and GitHub clones and fixes a stateful MCP regression introduced in v2.1.147. The release also stops custom gateways from receiving a user's Anthropic OAuth credential and pairs with broader responsiveness work.

Nous Research expanded Hermes Agent so X Premium+ and SuperGrok logins can unlock Grok 4.3, X Search, and media tools without separate keys. Bookmarks and full X API access still sit outside the OAuth path.

Keycard launched delegated auth for multi-agent apps, issuing scoped credentials at each handoff instead of sharing broad long-lived secrets. The SDKs cover LangChain, MCP, A2A, and generic APIs while keeping credentials out of disks and databases.

Vercel said no npm packages were compromised in the OAuth-linked incident and updated its security bulletin with MFA and environment-variable auditing guidance. Treat credential deletion as separate from rotation and follow the bulletin to narrow supply-chain risk.

Vercel disclosed unauthorized access to internal systems affecting a limited subset of customers and said a compromised Google Workspace OAuth app at a third-party AI tool was the entry point. Some non-sensitive environment variables may have been exposed, so teams should review SaaS integrations and secret handling now.

Keycard released an execution-time identity layer for coding agents, issuing short-lived credentials tied to user, agent, runtime, and task. It targets the gap between noisy permission prompts and unsafe skip-permissions workflows.

Anthropic’s Claude Code docs say consumer OAuth tokens from Free, Pro, and Max cannot be used with the Agent SDK, and staff said clearer guidance is coming. If you automate local dev loops or parallel workers, use API keys until the allowed auth patterns are explicit.