Token Security is a pioneering cybersecurity company focused on securing agentic AI and non-human identities. Companies trust Token Security to discover and govern each agent and machine credential across all their environments. As the company extended its platform with a customer-facing MCP server, it needed an identity layer that could secure agentic access with the same rigor it provides for its own customers. Here’s how Descope delivered on every requirement.
About Token Security
Token Security provides a comprehensive solution for securing non-human identities (NHIs). With Token Security, organizations can discover, manage, and govern every AI agent, service account, API key, and machine credential across cloud, on-premises, and hybrid environments. The company was named a Top 10 Finalist for the RSAC 2026 Innovation Sandbox Contest, recognized for pioneering identity-first security and governance for AI agents.
The Token Security platform also includes a Model Context Protocol (MCP) server that lets security teams query their NHI environment in natural language. A security engineer can ask which identities haven’t rotated secrets in 90 days, who owns a given service account, or what the riskiest NHIs are, and get an answer drawn directly from their specific vulnerabilities.
The need to secure an agentic AI surface
MCP is the open standard that lets AI agents connect to external tools and data (like the data about NHI posture surfaced by Token Security). A remote MCP server exposes those tools to clients the operator doesn’t control, which presents three distinct challenges: registering previously unseen clients, authenticating them, and ensuring least-privilege access with granular scoping.
At the same time, Token Security was scaling its enterprise B2B business and wanted one identity platform to govern both the human authentication path and the agentic one. They began evaluating providers with a clear set of parameters:
Protocol-compliant authorization for a remote, customer-facing MCP server
Tool-level access control tied to a user’s existing role and tenant
B2B authentication and single sign-on (SSO) as core capabilities
Tenant-scoped role-based access control (RBAC) that preserved customer semantics
Audit streams that internal systems could subscribe to for downstream automation
Itamar Apelblat, Co-Founder and CEO at Token Security, said:
“We secure agentic AI for our customers, so the bar for our own MCP server was high. We needed a layer that treats agents as identities and scopes every tool call to the right user.”
The Descope experience
Descope met the evaluation criteria on every dimension Token Security laid out, across both the agentic and the human authentication paths. The Agentic Identity Hub provided protocol-compliant authorization for the MCP server, while Descope Flows provided a visual, workflow-based identity journey builder that kept login flows out of application code. This meant new auth methods, edge cases, and tenant-specific logic could be introduced without a redeployment.
The SSO Setup Suite offered a self-service wizard that enterprise teams could use to configure SSO and SCIM for their own identity providers. Descope’s migration tooling accommodated the shape of existing Token Security data, including SAML SSO connections with their tenant-specific configurations. The Descope team even engineered bespoke solutions for edge cases presented by the previous system.
A single platform now governs how users authenticate to the Token Security product and how their AI clients connect to its MCP server, with the same roles and tenants applied across both.
MCP server authorization with the Agentic Identity Hub
Descope acts as the OAuth 2.1 authorization server for the Token Security MCP server. The Agentic Identity Hub publishes the discovery metadata MCP clients use to locate the authorization server, hosts the token and authorization endpoints, and handles user authentication and consent.
Because MCP clients connect from AI applications that Token Security doesn’t control, the Agentic Identity Hub supports Dynamic Client Registration (DCR) and Client ID Metadata Documents (CIMD). Metadata tags can be attached at registration that downstream policies use to evaluate access. The access token issued through that client carries the authenticating user, their tenant, and the tool-level scopes granted for the session.
The Agentic Identity Hub provides a centralized view of every connected agent, the delegating user, and the tools and scopes they hold.
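What the resource-server side of this looks like on an MCP server, as an added example that is not Token Security's or Descope's code: a deny-by-default check that maps each tool call to a required scope and pins it to the token's tenant. The `tenant` claim name, the tool names, the scope strings and the audience URL are assumptions made for illustration; `sub`, `aud`, `exp` and the space-delimited `scope` claim follow standard OAuth/JWT usage.

```python
import time

# Hypothetical tool -> required scope map; anything not listed is denied.
TOOL_SCOPES = {
    "list_stale_secrets": "nhi:read",
    "get_identity_owner": "nhi:read",
    "rotate_secret": "nhi:write",
}
EXPECTED_AUDIENCE = "https://mcp.example.test"  # placeholder resource identifier


def authorize_tool_call(claims, tool, resource_tenant, now=None):
    """Return (allowed, reason) for one MCP tool call.

    `claims` is the payload of an access token whose signature and issuer
    were already verified by a JWT library against the authorization
    server's published keys; this function only makes the policy decision.
    """
    now = time.time() if now is None else now
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        return False, "token expired or missing exp"
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]
    if EXPECTED_AUDIENCE not in audiences:
        return False, "token not issued for this MCP server"
    if not claims.get("sub"):
        return False, "no delegating user in token"
    required = TOOL_SCOPES.get(tool)
    if required is None:
        return False, "unknown tool"
    # Tenant isolation: the token's tenant must own the data being queried.
    if not claims.get("tenant") or claims["tenant"] != resource_tenant:
        return False, "tenant mismatch"
    granted = set(str(claims.get("scope", "")).split())
    if required not in granted:
        return False, f"missing scope {required}"
    return True, "ok"


# Constructed sample claims for a read-only session in tenant "acme".
SAMPLE = {"sub": "user-123", "tenant": "acme", "aud": EXPECTED_AUDIENCE,
          "exp": 2_000_000_000, "scope": "nhi:read"}
```

Logging the returned reason alongside `sub`, the tenant and the tool name on every denial gives the audit trail a per-call record of which agent session attempted what.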
Itamar Apelblat, Co-Founder and CEO at Token Security, said:
“The same roles and tenants we use for human access now govern what an AI client can do on our MCP server. With Descope, we didn’t have to build a secondary authorization model for agents and hope it stayed consistent with the first.”
Flexible B2B authentication
Token Security built their customer authentication experience using Descope Flows, combining enterprise SSO with TOTP-based multi-factor authentication (MFA), magic links, passkeys, and social login (Google and Microsoft). The result is an experience that adapts to the identity expectations of each tenant, with the underlying journey served through Flows rather than hardcoded in the application.
Role-based access control (RBAC) with tenant-specific definitions ensures enterprise customers retain the access models they’ve already designated for their own organizations, rather than compressing them to fit a vendor’s format. For enterprise tenants, the SSO Setup Suite handles identity provider configuration as a self-service workflow. IdP-initiated login matches the pattern enterprise identity teams expect from their upstream providers, and SCIM provisioning (which had previously taken up to a month for a single customer) is now configured alongside SSO.
Enterprise-grade auth that scales with growth
Descope delivers on the goals that drove Token Security to seek a new identity provider. The MCP server is exposed to customers through protocol-compliant OAuth 2.1, with every agent identified and every tool call scoped to the connecting user’s role and tenant. Enterprise B2B authentication, self-service SSO, SCIM, and tenant-scoped RBAC run on the same platform, using the same access model.
For an organization whose core product is agentic and NHI identity security, the choice of authentication provider reaches beyond simple technical scope. Descope gave Token Security an identity layer that matches the high standard of the solution they sell to their own customers.
Descope is a flexible customer and agentic platform that helps organizations easily add authentication, authorization, and identity management to their apps, AI agents, and MCP servers. Customers use us for initiatives such as passwordless authentication, SSO, identity federation, strong MFA, fraud prevention, and agentic identity.