SAN FRANCISCO—(BUSINESS WIRE)—Today, Arcade.dev, the only MCP runtime, releases URL Elicitation. This is an important step in making Anthropic’s Model Context Protocol (MCP) appropriate for business use. Users can now connect directly to any web-based service from their MCP server. This makes it possible to securely authorize enterprise tools, manage payments and subscriptions, and collect sensitive or personal data safely. Arcade wrote a SEP (Specification Enhancement Proposal) with help from Anthropic. This proposal standardizes this secure flow and is now part of the newest edition of the MCP specification.
MCP is quickly becoming the open standard for connecting AI agents to real tools and services as AI agents get smarter and the necessity for strong protocols grows. But until today, MCP has a big problem: agents couldn’t safely give permission for the apps that people use every day. AI assistants can’t do anything useful because they don’t have secure authorization. They could talk for hours, but they couldn’t send an email or update a calendar since MCP didn’t have a mechanism to log into the services that people actually use. Arcade’s SEP changes that.
“Tool authorization has been the missing piece that has kept MCP from being a protocol that businesses can use,” said Alex Salazar, the creator of Arcade.dev. “Our contribution gives MCP servers safe access to user apps using OAuth 2.0 auth patterns that have been used for over 15 years to protect billions of online interactions.”
Arcade’s unique URL elicitation feature, which was created in partnership with Anthropic, lets an MCP server give the user a secure login page in their browser. The user logs in directly with Gmail, Slack, or another service. The service then gives the agent only the permissions they need.
Now, enterprise AI teams can use agents that can work with actual data and connect to their main systems. They can also make sure that important credential data never goes via the AI model itself. Instead, credentials go straight from one trusted server to another using the same OAuth 2.0 protocols that keep online banking, e-commerce, and business apps safe. Users can regulate permissions through their existing app settings, and the AI app only gets the access tokens it needs to do the tasks that are asked of it.
This SEP is now being added to the official MCP standard, SDKs, and popular clients. The free source Arcade secure MCP framework already lets MCP servers use URL elicitation by default, and many more server frameworks will soon follow.
This SEP keeps Arcade’s progress in making MCP more secure for usage in businesses. Earlier this year, Arcade released the first MCP runtime. Recently, they released a secure framework for making custom MCP tools with OAuth built in. They also added an MCP Gateway feature so that users can access Arcade’s catalog of secure, high-accuracy tools directly from their favorite MCP clients, like Cursor. Some of the biggest companies use Arcade’s MCP runtime to deploy AI agents that can securely do things on any system and for any number of users.
About Arcade.dev
Arcade.dev is the first MCP runtime in the industry that lets AI do safe, real-world things. Arcade is the only MCP runtime that can provide secure agent permission, high-accuracy tools, and centralized governance. Arcade lets teams at some of the biggest companies set up multi-user AI agents that can do things on any system with fine-grained rights and full visibility, without needing to set up complicated infrastructure.