Expanded MCP and AI IAM event coverage

Aembit has expanded the event coverage and reporting surfaces for troubleshooting MCP and AI IAM failures:

  • New access.discovery event type: Access Authorization Events now include an access.discovery event that lists the Client Workloads and Server Workloads Aembit Cloud considered during evaluation. Use it to diagnose requests that match no workload or policy, or that match multiple. See Access Discovery events.
  • User identity on MCP Workload Events: MCP Workload Events now include a userId field at application.mcp.userId for flows that involve a human identity, such as MCP Authorization Server flows. The Workload Events view exposes a matching User (MCP App Protocol only) filter for per-user investigations and SIEM scoping.
  • Trust Provider failures emit at Error severity: Trust Provider attestation failures in MCP flows now emit at Error severity rather than Warning, so SIEM rules that alert on Error events catch real authorization failures instead of missing them among warnings.
  • Clearer expired-credential explanations: The access.credential event’s reason now identifies which token expired and at which step, making it easier to decide between re-authentication, credential refresh, or Credential Provider reconfiguration.
  • MCP Authorization Tracing view: A new live diagnostic view in the Reporting dashboard surfaces inbound authorization requests at the MCP Identity Gateway in real time, with the redirect URI, resource, matched Client Workload, and policy outcome for each request. See MCP Authorization Tracing.

For an end-to-end investigation flow that uses these reporting surfaces together, see Troubleshoot MCP and AI IAM access.
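The triage logic below is an added example for this page, not Aembit code. It runs over a constructed export of the event types described above and shows the three checks an investigator would script first: access.discovery records that matched no Client Workload or more than one, Trust Provider failures now arriving at Error severity, and scoping everything to one user via application.mcp.userId. Only that userId path is taken from the page; the other field names (type, severity, reason, matchedClientWorkloads, matchedServerWorkloads, trustProvider) are assumptions about an export format.

```python
"""Triage helpers for the expanded MCP / AI IAM event coverage (added example, not Aembit code).

Field names other than application.mcp.userId are assumptions; the sample
export below is constructed for this example.
"""
import json

# Constructed sample export: one JSON object per line, as a SIEM would ingest it.
SAMPLE_EVENTS = """\
{"type": "access.discovery", "matchedClientWorkloads": [], "matchedServerWorkloads": ["mcp-jira"], "application": {"mcp": {"userId": "alice@example.com"}}}
{"type": "access.discovery", "matchedClientWorkloads": ["agent-a", "agent-b"], "matchedServerWorkloads": ["mcp-jira"], "application": {"mcp": {"userId": "bob@example.com"}}}
{"type": "access.discovery", "matchedClientWorkloads": ["agent-a"], "matchedServerWorkloads": ["mcp-jira"], "application": {"mcp": {"userId": "alice@example.com"}}}
{"type": "access.credential", "severity": "Warning", "reason": "upstream access token expired at the token exchange step", "application": {"mcp": {"userId": "alice@example.com"}}}
{"type": "mcp.request", "severity": "Error", "trustProvider": "github-oidc", "reason": "attestation failed", "application": {"mcp": {"userId": "bob@example.com"}}}
{"type": "mcp.request", "severity": "Info", "application": {"mcp": {}}}
"""


def parse_events(text):
    """Parse newline-delimited JSON into a list of event dicts."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def user_id(event):
    """Return application.mcp.userId, or None for machine-only flows."""
    return event.get("application", {}).get("mcp", {}).get("userId")


def ambiguous_discovery(events):
    """access.discovery events whose Client Workload match count is not exactly one.

    Zero matches means the request fell to no policy; several means the policy
    that applied is not determined by the workload alone.
    """
    out = []
    for e in events:
        if e.get("type") != "access.discovery":
            continue
        n = len(e.get("matchedClientWorkloads", []))
        if n != 1:
            out.append(("no match" if n == 0 else "multiple matches", user_id(e)))
    return out


def error_trust_failures(events):
    """Trust Provider failures now arrive at Error severity; alert only on those."""
    return [e for e in events if e.get("severity") == "Error" and "trustProvider" in e]


def events_for_user(events, uid):
    """Scope an investigation to one human identity (the User filter in the UI)."""
    return [e for e in events if user_id(e) == uid]


if __name__ == "__main__":
    evs = parse_events(SAMPLE_EVENTS)
    print(ambiguous_discovery(evs))
    print(len(error_trust_failures(evs)), "trust failures at Error")
    print(len(events_for_user(evs, "alice@example.com")), "events for alice")
```

Because the Error-severity rule keys on severity alone, an existing SIEM search such as "severity = Error" now picks up attestation failures without a separate rule for the Warning level they previously used.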

MCP Identity Gateway 1.31.4955 release

Aembit has released MCP Identity Gateway version 1.31.4955.

For the latest available versions of these components, see the Edge Components Supported Versions page.

Key Updates:

  • Session deletion: Support for deleting MCP sessions, enabling clients to explicitly end MCP Identity Gateway sessions when finished.
  • MCP-level error metrics: New Prometheus metrics expose MCP protocol-level errors, giving operators visibility into request failures at the MCP layer.
  • Application-specific Prometheus metrics: Additional Prometheus metrics scoped to the MCP Identity Gateway application for improved observability.

MCP Identity Gateway 1.31 release

Aembit has released MCP Identity Gateway version 1.31.

Key Updates:

  • User identity on workload events: The userId field now appears on mcp.request and mcp.response workload events when the MCP client is identified, making it easier to attribute MCP activity to authenticated users in audit reports.
  • Client-initiated session termination: MCP clients can now end their session with the Gateway by sending an HTTP DELETE request to the /mcp endpoint, per MCP specification section 2.5.5. See Session management for the request contract.
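The model below is an added example, not MCP Identity Gateway code. It reproduces the session contract a client and the /mcp endpoint agree on under the MCP Streamable HTTP transport: the server issues an unguessable Mcp-Session-Id on initialize, requires it on later requests, and lets the client end the session with an HTTP DELETE, after which the id is rejected and the client must re-initialize. The 405 on GET matches the behaviour the 1.30 notes list; the 400 and 404 codes are the specification's, and the 403 for a DELETE from a client that does not own the session is this example's own fail-closed choice, not documented Gateway behaviour.

```python
"""In-memory model of the MCP session lifecycle at /mcp (added example, not Gateway code).

Status codes: 405 on GET as this page states for the Gateway; 400/404 from the
MCP specification; 403 for a non-owner DELETE is an assumption of this example.
"""
import secrets


class McpEndpoint:
    """Stand-in for the server side of the /mcp endpoint."""

    def __init__(self, allow_client_termination=True):
        self.sessions = {}  # Mcp-Session-Id -> client identity that opened it
        self.allow_delete = allow_client_termination

    def handle(self, method, headers, body=None, client="agent-a"):
        """Return (status, response_headers) for one HTTP request."""
        sid = headers.get("Mcp-Session-Id")
        if method == "GET":
            # No server-initiated SSE stream is offered here.
            return 405, {"Allow": "POST, DELETE"}
        if method == "POST":
            if body and body.get("method") == "initialize":
                sid = secrets.token_urlsafe(32)  # cryptographically secure, per the spec
                self.sessions[sid] = client
                return 200, {"Mcp-Session-Id": sid}
            if sid is None:
                return 400, {}  # session id is required after initialize
            if sid not in self.sessions:
                return 404, {}  # unknown or terminated session: client must re-initialize
            return 200, {}
        if method == "DELETE":
            if not self.allow_delete:
                return 405, {"Allow": "POST"}  # server does not permit client termination
            if sid is None or sid not in self.sessions:
                return 404, {}
            if self.sessions[sid] != client:
                return 403, {}  # assumption: only the session owner may end it
            del self.sessions[sid]
            return 200, {}
        return 405, {"Allow": "POST, DELETE"}


def run_lifecycle(endpoint):
    """Client side: initialize, use the session, DELETE it, then observe that reuse fails."""
    status, hdrs = endpoint.handle("POST", {}, {"jsonrpc": "2.0", "method": "initialize", "id": 1})
    h = {"Mcp-Session-Id": hdrs["Mcp-Session-Id"]}
    used = endpoint.handle("POST", h, {"jsonrpc": "2.0", "method": "tools/list", "id": 2})[0]
    ended = endpoint.handle("DELETE", h)[0]
    after = endpoint.handle("POST", h, {"jsonrpc": "2.0", "method": "tools/list", "id": 3})[0]
    return status, used, ended, after  # (200, 200, 200, 404)


if __name__ == "__main__":
    print(run_lifecycle(McpEndpoint()))
```

Clients that skip the DELETE leave the session to the server's own expiry; sending it lets the Gateway release the session and its associated upstream state immediately, which is why it is worth wiring into the client's shutdown path.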

MCP Identity Gateway 1.30 release

Aembit has released MCP Identity Gateway version 1.30.4549.

For the latest available versions of these components, see the Edge Components Supported Versions page.

Key Updates:

  • The Gateway now authenticates requests before proxying them to upstream MCP servers (new default behavior)
  • Tool annotations are included in MCP responses
  • The Gateway returns HTTP 405 for GET requests to the MCP endpoint
  • Unauthorized (401) responses now include additional metadata for easier troubleshooting
  • Errors from upstream MCP servers are forwarded to MCP clients
  • The Gateway honors the AEMBIT_TRUSTED_ISSUER_DOMAINS environment variable for trusted issuer configuration
  • A new metrics endpoint provides Gateway operational metrics on a configurable port
  • Improved compatibility with Claude Desktop and other MCP clients
  • Improved handling of MCP servers that don’t support resources
  • General improvements to session management, installer reliability, and internal performance

MCP Identity Gateway enters beta with MCP Server and component copying

Aembit now offers an MCP Identity Gateway (Beta) that sits between AI agents and MCP servers, enforcing Access Policies, performing secure token exchange, and providing visibility into MCP activity. Deployed on a Linux VM, the Gateway ensures AI agents never hold direct credentials for enterprise systems.

Key capabilities:

  • Proxies MCP traffic with identity-aware policy enforcement
  • Performs secure token exchange using OAuth 2.0 and API key credentials
  • Provides per-user credential management and centralized MCP routing
  • Logs agent identity, user identity, and policy decisions for auditability
  • Fail-closed behavior—denies access by default unless explicitly allowed

For setup instructions and architecture details, see MCP Identity Gateway.


Aembit now provides an MCP Server that lets AI agents and users query Aembit event logs using structured commands. Built on the Model Context Protocol specification, it gives organizations using Aembit agentic observability and auditability.

Key capabilities:

  • Query audit logs, authorization events, and workload events
  • Integrations with MCP Inspector, Claude Code, GitHub Copilot, and Visual Studio
  • Resource-set-based access scoping for least-privilege access
  • Read-only access—no create, update, or delete operations
  • Full audit trail of all MCP Server queries

For setup and connection guides, see Aembit MCP Server.


Aembit has added a new MCP User-Based Access Token Credential Provider type. This type enables per-user OAuth credentials for MCP servers using the OAuth 2.0 Authorization Code flow. The MCP Identity Gateway manages user-specific tokens when connecting to downstream MCP servers.

Key capabilities:

  • OAuth 2.0 Authorization Code flow with Proof Key for Code Exchange (PKCE) support
  • MCP Server URL discovery with auto-population of OAuth endpoints
  • Per-user credential scoping
  • Token introspection and lifetime management

For configuration details, see MCP User-Based Access Token Credential Provider.
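The exchange below is an added example, not Aembit code, showing the OAuth 2.0 Authorization Code flow with PKCE (RFC 7636) that this Credential Provider type is described as supporting, with both the client side (verifier, S256 challenge, authorization URL carrying an RFC 8707 resource indicator for the MCP server) and a toy token endpoint that checks the verifier, issues a per-user token, and enforces single-use codes. The endpoint URL, client_id, redirect URI and the in-memory code store are placeholders; the lifetime check at the end is the kind of test a credential provider runs before handing a token to a gateway.

```python
"""OAuth 2.0 Authorization Code + PKCE, both sides (added example, not Aembit code).

URLs, client_id and the in-memory stores are placeholders for this example.
"""
import base64
import hashlib
import secrets
import time
from urllib.parse import urlencode


def b64url(data: bytes) -> str:
    """Base64url without padding, as RFC 7636 requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def new_verifier() -> str:
    # 32 random bytes -> 43 unreserved characters, inside RFC 7636's 43..128 range.
    return b64url(secrets.token_bytes(32))


def challenge_for(verifier: str) -> str:
    """S256 method: code_challenge = BASE64URL(SHA256(ASCII(code_verifier)))."""
    return b64url(hashlib.sha256(verifier.encode("ascii")).digest())


def verify_pkce(verifier: str, challenge: str) -> bool:
    # Constant-time compare so the token endpoint does not leak which bytes matched.
    return secrets.compare_digest(challenge_for(verifier), challenge)


def build_authorization_url(auth_endpoint, client_id, redirect_uri, verifier, state, resource):
    """Client side: the browser redirect that starts the user's consent flow."""
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "code_challenge": challenge_for(verifier),
        "code_challenge_method": "S256",
        "state": state,          # CSRF binding, checked when the redirect returns
        "resource": resource,    # RFC 8707: bind the token to this MCP server URL
    }
    return f"{auth_endpoint}?{urlencode(params)}"


class TokenEndpoint:
    """Toy authorization server: remembers the challenge per code, issues per-user tokens."""

    def __init__(self, lifetime=3600):
        self.codes = {}          # code -> (user, code_challenge)
        self.lifetime = lifetime

    def issue_code(self, user, challenge):
        """Issued after the user consents; the challenge from the authorization request is stored."""
        code = secrets.token_urlsafe(24)
        self.codes[code] = (user, challenge)
        return code

    def exchange(self, code, verifier, now=None):
        """Token request: code is single-use and must be paired with the matching verifier."""
        entry = self.codes.pop(code, None)
        if entry is None:
            return None
        user, challenge = entry
        if not verify_pkce(verifier, challenge):
            return None
        now = time.time() if now is None else now
        return {"access_token": secrets.token_urlsafe(32), "sub": user, "exp": now + self.lifetime}


def token_is_live(token, now=None, skew=30):
    """Lifetime check before a stored per-user token is reused; skew covers clock drift."""
    now = time.time() if now is None else now
    return now + skew < token["exp"]


if __name__ == "__main__":
    v = new_verifier()
    print(build_authorization_url("https://mcp.example.com/oauth/authorize", "client-123",
                                  "http://localhost:8080/callback", v, secrets.token_urlsafe(16),
                                  "https://mcp.example.com/mcp"))
    ep = TokenEndpoint()
    code = ep.issue_code("alice@example.com", challenge_for(v))
    print(ep.exchange(code, v))
```

Per-user scoping follows from the token carrying the consenting user's identity (sub): the gateway keeps one token per user and server, never a shared one, and the verifier never leaves the client that generated it, so an intercepted authorization code cannot be redeemed elsewhere.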


Aembit now supports component copying between Resource Sets. You can replicate Access Policy components—including Client Workloads, Server Workloads, Trust Providers, Credential Providers, and Access Conditions—from one Resource Set to another. You can also copy entire Access Policies with all related components at once.

Key capabilities:

  • Copy individual components or entire Access Policies between Resource Sets
  • Each copy receives a unique identifier while the original remains unchanged
  • Supports environment promotion, regional deployments, and safe experimentation

For details, see About component copying and Copy components.

GitHub Action, MCP Authorization Server beta, and Access Policy Builder now available

Aembit now provides an official GitHub Action for injecting credentials into your CI/CD workflows. The action retrieves credentials from Aembit and makes them available to subsequent steps in your workflow.

Key capabilities:

  • Retrieve credentials using workload identity federation with GitHub’s OIDC tokens
  • Support for AWS, Azure, database, and API key credential types
  • Automatic credential masking in workflow logs

For setup instructions, see the GitHub Actions tutorial. For usage examples with different credential types, see the how-to guide.


Aembit now supports Private Network Access (PNA) for the AWS Secrets Manager Credential Provider. This allows your Aembit Edge components (Aembit CLI or Agent Proxy) to retrieve secrets directly from AWS Secrets Manager over a private network path, such as an AWS VPC with a private endpoint, rather than over the public internet.

Key capabilities:

  • Retrieve secrets from AWS Secrets Manager without exposing your VPC to the public internet
  • Works with both Aembit CLI and Agent Proxy deployments
  • No changes required to your existing AWS IAM policies or VPC endpoint configuration

For configuration details, see Private Network Access for Credential Providers and AWS Secrets Manager Credential Provider.


Aembit has released the MCP Authorization Server (beta), which secures Model Context Protocol (MCP) workloads using OAuth 2.1 authorization flows. This enables you to apply Aembit Access Policies to AI agents and MCP clients, controlling which users can access which MCP servers.

Beta feature

The MCP Authorization Server is currently in beta. Contact your Aembit representative to request access.

Key capabilities:

  • OAuth 2.1 authorization code flow implementation for MCP-compliant workloads
  • Dynamic Client Registration support for tools like Claude Desktop and Gemini CLI
  • Integration with OIDC and SAML identity providers for user authentication
  • Access Policies with time and location-based conditions

Aembit has redesigned the Access Policy creation experience with the new Access Policy Builder. The builder provides a card-based interface that guides you through configuring each component of an Access Policy.

Access Policy Builder showing a completed policy configuration

Key capabilities:

  • Visual card-based navigation for policy components
  • Inline creation of Client Workloads, Server Workloads, Trust Providers, and other components
  • Clear indicators for required, recommended, and optional components based on Global Policy Compliance settings

To use the new builder, enable Use new access policy in your user profile preferences. For a walkthrough, see Create an Access Policy.