Configuring MCP servers access to Okta with just-in-time access

Common misconception about Okta and MCP servers

Many assume that an MCP server can simply trust an Okta-issued token and grant access without any additional guardrails. The belief is that the identity provider alone is enough to protect the server from misuse, because the token proves who the caller is. In practice, that approach ignores just-in-time access, which is the practice of granting the minimum privilege for a single operation and revoking it automatically afterward.

In reality, an OIDC or SAML token only answers the question “who is calling?” It does not control what the caller does once the connection is established, nor does it provide a record of the actions taken. Without a dedicated enforcement point, a compromised service account can issue destructive commands, exfiltrate data, or bypass internal policies.

Why just-in-time access matters for MCP servers

Just-in-time access means granting the minimum privileges required for a single operation, and revoking them automatically after the operation completes. For MCP servers that execute code on behalf of users or automated agents, this model reduces the blast radius of a credential leak. The privilege is issued only when a request is made, and it expires as soon as the request finishes.

Implementing just-in-time access requires three pieces:

Setup: an identity source such as Okta that issues short-lived tokens for service accounts or AI agents.
The data path: a place where each request can be inspected before it reaches the MCP server.
Enforcement outcomes: the ability to grant, record, and revoke access in real time.

The first piece is already in place when you configure Okta as the OIDC provider for your agents. The token tells the system who the caller is and whether the request is allowed to start. However, without a data-path control point, the request still flows directly to the MCP server, leaving the following gaps:

No real-time approval workflow for high-risk operations.
No session recording that auditors can replay.
No inline masking of sensitive responses that might contain secrets.
No automatic revocation of the temporary privilege after the operation.

Placing a gateway in the data path

To close those gaps, insert a Layer 7 gateway between the identity token and the MCP server. The gateway inspects the wire-protocol traffic, applies just-in-time policies, and records everything that passes through. Because the gateway is the only point where traffic can be altered, it is the sole location where enforcement can happen.

When an agent presents an Okta token, the gateway validates the token, checks the request against policy, and, if needed, routes the operation to a human approver. Once approved, the gateway forwards the request to the MCP server using its own credential, ensuring the original agent never sees the server’s secret. After the operation finishes, the gateway automatically revokes the temporary privilege and writes a complete session log.

Continue reading? Get the full guide.

Just-in-Time Access + Mean Time to Detect (MTTD): Architecture Patterns & Best Practices

Free. No spam. Unsubscribe anytime.

How the gateway enforces just-in-time access

hoop.dev records each session, so you have a replayable audit trail for every command that touched the MCP server. It masks sensitive fields in responses, preventing secrets from leaking to downstream logs. It blocks commands that violate policy before they reach the server, and it can pause a request for manual approval when the policy requires it. All of these outcomes exist because hoop.dev sits in the data path, not because the Okta token alone provides them.

Because the gateway holds the credential for the MCP server, the agent never sees the server’s password or API key. This satisfies the “agent never sees the credential” principle and reduces the risk of credential exposure.

Getting started

Begin by deploying the gateway in the same network segment as your MCP servers. The official getting-started guide walks you through a Docker Compose deployment, OIDC configuration with Okta, and registration of the MCP target. Once the gateway is running, you can define just-in-time policies that grant the least-privilege scope needed for each operation.

For detailed steps on configuring OIDC, registering a connection, and authoring policies, see the getting-started documentation and the broader feature overview at hoop.dev learn. The repository contains the full source code and example configurations.

FAQ

Is the Okta token still required after the gateway is in place?

Yes. The token is used by the gateway to identify the caller and to enforce just-in-time policies. Without the token, the gateway cannot apply identity-aware decisions.

Will existing MCP clients need to change their connection strings?

No. Clients continue to use their standard MCP client libraries. The gateway acts as a transparent proxy, so the client sees the same endpoint it would have used directly.

How long are the session logs retained?

Retention is configurable in the gateway’s policy store. The logs remain available for the period required by your audit or compliance program.

Ready to explore the code and contribute? Visit the hoop.dev GitHub repository for the full source, issue tracker, and contribution guidelines.