Friday August 14, 2026 17:05 - 17:30 KST
I spent four years building identity systems. When I read the MCP authorization spec, I recognized the building blocks: OAuth 2.1, PKCE, Dynamic Client Registration. I also recognized where it goes quiet on the hard parts.

Three gaps stand out.

Scopes are defined at the transport level, not the tool level. A token grants access to an MCP server, but says nothing about which tools the client can call.

Agent chain identity has no standard answer. The spec is silent on server-to-server authentication, and the client credentials grant for agent-to-agent scenarios is only now returning as a draft extension.

Dynamic Client Registration brings lifecycle problems. RFC 7592 for client management is not widely supported, and multiple clients sharing an OAuth client ID is a risk teams hit without realizing it.

I'm not an MCP insider. This talk maps four years of API and identity work onto problems MCP teams are running into right now.
Speakers
Thumula Perera

Senior Software Engineer, WSO2
Software engineer with four years at WSO2. Spent the first part on the Identity and Access Management team, working on WSO2 Identity Server and Asgardeo. Also worked with the Choreo team, where I worked on both system IAM and developer IAM.
Orchid 2
