Use federated OAuth when you want to delegate the identity check to an external identity provider (IdP) like Okta or Azure AD. When you use federated OAuth, your AI agents can access the MCP server using a JWT authorization token that your IdP generates.
To use federated OAuth, your organization must meet the following prerequisites:
• Your IDMC organization must be configured to use SAML and the organization’s users must be set up as SAML users.
  For more information about SAML single sign-on, see "SAML single sign-on" in the Administrator help.
• You’ve set up and configured an OAuth identity provider like Azure AD or Okta.
  For information about OAuth setup using Azure Active Directory, see the following article: Set up OAuth with Azure AD. For information about OAuth setup using Okta, see the following article: Set up OAuth with Okta.
• You’ve registered the authorization server of the third-party IdP for authentication using the IDMC REST API Identity providers resource.
To access an MCP server using federated OAuth, you need to obtain a JWT access token from your IdP and include the token in the headers section when you connect to the Informatica MCP server. For more information about connecting to an Informatica MCP server, see Connecting to an Informatica MCP server.
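A pre-flight check for the step above, as an added example rather than Informatica's own code: it decodes the IdP-issued JWT without verifying its signature, confirms issuer, audience and lifetime, and only then builds the request header. The issuer and audience values, the sample token, and the use of the standard `Authorization: Bearer` header are assumptions; use the values from your IdP registration and the header the connection topic specifies.

```python
import base64
import json
import time

ISSUER = "https://idp.example.com/oauth2/default"  # assumption: your registered IdP issuer
AUDIENCE = "api://mcp-example"                      # assumption: audience set in the IdP

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def make_sample_token(claims: dict) -> str:
    """Constructed token with a placeholder signature, for offline testing only."""
    header = _b64url(json.dumps({"alg": "RS256", "typ": "JWT"}).encode())
    return f"{header}.{_b64url(json.dumps(claims).encode())}.c2ln"

def decode_claims(jwt: str) -> dict:
    """Read the payload WITHOUT signature verification (client-side diagnostic)."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT: expected 3 dot-separated parts")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(padded))

def preflight(jwt, issuer, audience, now=None, skew=60):
    """Return a list of problems; an empty list means the token looks usable."""
    now = time.time() if now is None else now
    claims = decode_claims(jwt)
    problems = []
    if claims.get("iss") != issuer:
        problems.append(f"iss {claims.get('iss')!r} is not the registered issuer")
    aud = claims.get("aud")
    if audience not in (aud if isinstance(aud, list) else [aud]):
        problems.append(f"aud {aud!r} does not include {audience!r}")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp - skew <= now:
        problems.append("exp missing, passed, or within the clock-skew margin")
    if claims.get("nbf", 0) > now + skew:
        problems.append("nbf is in the future: token not yet valid")
    return problems

def auth_headers(jwt, issuer=ISSUER, audience=AUDIENCE, now=None):
    """Build the request header only for a token that passes the pre-flight."""
    problems = preflight(jwt, issuer, audience, now=now)
    if problems:
        raise ValueError("; ".join(problems))
    return {"Authorization": f"Bearer {jwt}"}  # assumption: standard bearer header
```

The server still has to validate the signature against the IdP's keys; this check only catches a stale or mis-scoped token before it is sent.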