One major downside is consumer usage seems to still need DCR with this. I think this could potentially be addressed by existing consumer OAuth providers (Sign in with GitHub, GitLab, Google, etc.) adding support for registering static MCP clients/servers, clients shipping their static client IDs inside them, clients allowing users to sign in with GitHub/GitLab/whatever IdP, and letting the user self-manage connections on the IdP's site.
Overall, XAA/EMA seems vastly superior to DCR from a security perspective (and also usability too, since users don't have to configure as much!). The concerns I have are also much easier to address and have way less security impact than with DCR, since attackers don't get to register their own clients anymore and there are less pitfalls for MCP server developers.
Here's our use case: During the sales cycle, the buyer and seller need to exchange a bunch of information then analyze it (which is increasingly agentic). The problem with MCP is the initial setup friction is far greater than users login in themselves and grabbing the information they need. MCPs are great for regular, frequent interactions - but create a lot of problems for these quick one-off sessions.
We'd really love a way to do something like this:
* In Claude: "Grab documents from X, Y, Z"
* Claude hits that website, it returns (1) basic usage information (2) a login link that the user can open in their browser
* User auths in their browser (annoying, but mindless)
* That callback returns a unique, short-lived, one-time token that gets exchanged on all future requests to the site.
Now, we can quickly auth users AND maintain a session state as they do things.
Can you tell me more about this? With just-in-time client registration (DCR or CIMD) it seems like the MCP registration would be pretty simple.
Is it the configuration of the MCP client to know about the MCP server that is the issue?
Does the website need to be able to advertise "here's the corresponding MCP server" so that the "claude hits website" step becomes "claude hits website, discovers MCP server"?
I don’t think this is about advertising an MCP at all. All of this can be accomplished with plain old HTTP requests. I want to be able to tell users “tell your LLM do go to https://example.com/only-bots”.
There’s absolutely no need for an MCP, because the website will tell the LLM everything it needs to know, including other actions and endpoints available.
It seems like it might be something of what you are looking for, since it leverages HTML to tell agents about website functionality.
One issue I see with WebMCP is that agents basically free-ride on user identity and authentication, which is problematic in some scenarios.
Seems like the main use case is employees of companies. Is there an analogous use case/value for non-centralized users like customers or freemium users?
I'm struggling to think of one, but wonder what I'm missing.
Edit: I see you addressed this here: https://news.ycombinator.com/item?id=48594381
The underlying extension has been in the MCP protocol for some time and is now officially stable.
I'm just curious internally how you are seeing MCP adoption? It seems more and more connectors are created but are you seeing real adoption from users?