WisdomAI provides an AI data analyst platform that enables enterprise users to query structured and unstructured data using natural language. As the company expanded from early adopters to Fortune 500 customers, they needed authentication infrastructure that could handle both traditional B2B requirements and the emerging challenges of providing secure connections for AI agents to access their platform. Here’s how Descope helped.
About WisdomAI
WisdomAI was founded in 2023 by a team of former Rubrik engineers, including co-founder and CEO Soham Mazumdar. The platform serves enterprise customers across technology, healthcare, energy, and financial services. Customers like Cisco, Rubrik, and ConocoPhillips use WisdomAI to provide direct access to data insights without waiting for analyst reports.
The platform takes a thoughtful and distinctive approach to the hallucination problem that hampers most AI analytics tools: Rather than using LLMs to generate answers directly, WisdomAI only uses them to write database queries. If the model hallucinates, it produces an ineffective query rather than fabricated business data. This marks a critical differentiator for enterprises weighing decisions based on AI-powered results.
The authentication challenge
WisdomAI’s authentication requirements span two segments that most identity providers treat as completely discrete domains:
B2B user authentication: Enterprise customers expect single sign-on (SSO), and WisdomAI needed to onboard them without sacrificing engineering cycles to build custom integrations for each identity provider (IdP). The ability to let customers configure SSO themselves (rather than requiring hands-on support) was essential for scaling sales without increasing the support burden.
MCP server and AI agent authentication: WisdomAI offers a customer-facing MCP server that enterprises use to connect AI agents to the platform for data analysis. This introduced requirements beyond traditional user auth: authenticating the agents themselves, managing OAuth tokens when WisdomAI connects to external services on behalf of users, and handling the token lifecycle across multiple third-party integrations.
Building for both of these capabilities in-house would have meant pulling developers away from core product work. The complexity of the B2B user auth space was well-known to the WisdomAI team, and the agentic identity space was (and still is) evolving too quickly to build a durable solution with a lean team entirely from scratch.
The Descope experience
WisdomAI joined Descope’s startup program in 2023 and now uses the platform for all customer and agentic identity management.
For B2B authentication, WisdomAI deployed SSO and utilized the SSO Setup Suite to help their customers set up their SSO connections. This self-service configuration tool lets enterprise customers connect their chosen identity providers without requiring direct, hands-on help from the WisdomAI support team. Magic link authentication over a generic SMTP (Simple Mail Transfer Protocol) connector handles passwordless authentication for users who don’t come through SSO.
On the agentic side, the WisdomAI MCP server is protected using Descope’s Express MCP SDK, which provides OAuth 2.1 authorization with PKCE support and Dynamic Client Registration (DCR) out of the box. By acting as the MCP auth layer, Descope enables WisdomAI to provide automatic client registration, audience validation through auth and consent flows, resource-specific token binding, and secure authorization as recommended by the MCP specification. Without this functionality, WisdomAI would have been required to invest in significant custom development.
At the same time, when WisdomAI connects to external MCP servers like Linear on behalf of users, Descope acts as a token vault that manages, stores, and refreshes credentials that AI agents need to call third-party APIs. With these behind-the-scenes considerations handled—like token exchange, secure storage, and automatic renewal for external services—WisdomAI can add new integrations to their AI agents without building custom token management for each one.
Tanish Lad, Founding Engineer at WisdomAI, said:
“Descope has been super helpful in managing auth for both our MCP server as well as for managing OAuth tokens when Wisdom connects to various other MCP servers. Both flows have been extremely smooth.”
Looking ahead, WisdomAI is exploring a directory of one-click integrations for services like Notion, Linear, and Jira. This would allow users to connect apps without any manual configuration. Descope’s architecture makes this secure and extensible: Rather than writing custom OAuth integration code, adding a new service simply means plugging in a new app configuration in Descope.
Auth partner from seed to scale
WisdomAI’s Descope implementation delivers across both traditional B2B patterns and emerging agentic requirements:
Enterprise B2B auth: Providing passwordless authentication and SSO with self-service onboarding removed authentication as a bottleneck in the WisdomAI sales cycle.
Rapid MCP auth implementation: Auth for WisdomAI’s MCP server went from concept to production in roughly a day and a half, freeing engineers to focus on core AI capabilities rather than OAuth mechanics.
Unified AI agent token management: Descope provides a single, unified management system for the entire OAuth token lifecycle, spanning across all external services WisdomAI connects with from traditional APIs to third-party MCP servers.
Soham Mazumdar, Co-founder and CEO at WisdomAI, noted:
“The Descope Agentic Identity Hub frees up our developers from tooling and integration work so they can spend more time shipping core features instead. Our customer-facing MCP server is used by Fortune 500 customers and helps us show the value of our AI-powered analytics platform while having the confidence that identity controls are baked-in.”
As WisdomAI continues expanding its enterprise customer base and agentic offerings, Descope provides the authentication foundation for both the B2B requirements customers expect and the agentic identity capabilities today’s users demand—all with minimal coding and without drawing cycles away from their core engineering focus.
Descope is a flexible drag & drop customer and agentic identity platform that helps organizations easily add authentication, authorization, and identity management to their apps, AI agents, and MCP servers. Customers use us for initiatives such as passwordless authentication, SSO, identity federation, strong MFA, fraud prevention, and agentic identity.
To get started with Descope, sign up for a Free Forever account. If you have questions about our platform, book time with our auth experts.
