The Grant Behind Enterprise Managed Auth for Claude: ID-JAG with Karl McGuinness (ex-Okta)
Karl McGuinness · former Chief Product Architect at Okta
We sit down with Karl McGuinness, former Chief Product Architect at Okta and the author of ID-JAG, to dig into the OAuth problem that agents are about to make much worse. Karl walks us through what he calls OAuth islands, the separate OAuth stacks scattered across enterprise SaaS that security teams cannot monitor or revoke, and explains why every new agent integration adds another one. We get into OAuth federation, how ID-JAG (the Identity Assertion JWT Authorization Grant) lets a central identity provider broker access across those islands, and how it slots into Anthropic's Enterprise Managed Auth for Claude. Karl makes the case that centralizing agent access governance, rather than letting each app mint its own long-lived tokens, is what gives enterprises a real chance at visibility and revocation as agents proliferate.
Listen on