Agents, Access, and the Future of Machine Identity — Nick Nisi (WorkOS) + Lizzie Siegle (Cloudflare)
AI Engineer · 2025-06-30 22:52
Agent & MCP Server Development
- Cloudflare and WorkOS are collaborating to promote the idea that an agent acting on behalf of a user needs credentials and authorization of its own, just as a user-facing application does [1]
- The industry is moving towards finer-grained authorization for AI agents: authorization per line changed, per tool call, or even per network connection [20]
- Cloudflare offers a free tier for Durable Objects, which agents can use for persistent storage [3]
Cloudflare's Offerings
- Cloudflare provides compute (Workers), AI model hosting, vector inference and a vector database, a SQL database, Durable Objects, video streaming, and image optimization [2]
- Workers have bindings that let them call other Cloudflare products and third-party services [3]
- Cloudflare's agents framework includes an OAuth framework for setting up authorization, so the worker or agent acting on behalf of a user can be identified [5]
MCP Server Demo & Use Case
- A basic MCP server built on Cloudflare and WorkOS is available for anyone to check out and run [6]
- The demo orders a shirt through an agent, showing an agent acting on behalf of a user with proper authorization [9][10][11]
- The demo saves order data in Cloudflare's key-value storage (Workers KV), where it can be viewed through the interface [12]
- Durable Objects can instead store the data directly in the state of the object associated with the worker, with one object per user [14][16]
Security & Authorization
- Audit trails matter when agents use OAuth-protected tools: record why the agent made each call, which user it acted for, and the outcome [21]
- Agents should be treated as deputies of the user: they hold the user's access to tools and can misuse it, which is the classic confused-deputy problem [21]
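The per-tool authorization and audit-trail points above, as an added example that is not code from the talk, from WorkOS, or from Cloudflare's agents SDK. It assumes the OAuth layer has already validated the bearer token and hands the MCP server its claims (`sub`, `client_id`, `scope` in RFC 7662 introspection form); the tool names, scope names, the shirt-order data model and the in-memory stand-in for a Workers KV namespace are all constructed for the example.

```javascript
// Added example: deny-by-default, per-tool authorization for MCP tool calls,
// with one audit record per call (who, via which agent, which tool, why, outcome).
// Not the Cloudflare agents SDK or WorkOS code; names and scopes are assumed.

// Each tool is mapped to the single scope it requires (assumed scope names).
const TOOL_SCOPES = {
  "orders.create": "orders:write",
  "orders.list": "orders:read",
};

// Minimal in-memory stand-in for a Workers KV namespace so the example runs
// offline. A real deployment binds a KV namespace or a Durable Object instead.
class MemoryKV {
  constructor() { this.map = new Map(); }
  put(key, value) { this.map.set(key, JSON.stringify(value)); }
  get(key) { const v = this.map.get(key); return v === undefined ? null : JSON.parse(v); }
  list(prefix) { return [...this.map.keys()].filter((k) => k.startsWith(prefix)).sort(); }
}

// Unknown tools and missing scopes are both refusals; the token's scope
// string is space-separated as in RFC 7662 ("orders:read orders:write").
function authorizeToolCall(grant, toolName) {
  const required = TOOL_SCOPES[toolName];
  if (!required) return { allowed: false, reason: `unknown tool ${toolName}` };
  const scopes = new Set((grant.scope || "").split(" ").filter(Boolean));
  if (!scopes.has(required)) return { allowed: false, reason: `missing scope ${required}` };
  return { allowed: true, reason: "ok" };
}

// Tool bodies. Data is keyed by the user the agent acts for (grant.sub), so an
// agent holding one user's token can never read another user's orders.
const TOOLS = {
  "orders.create": (grant, args, kv) => {
    const id = `ord_${kv.list(`order:${grant.sub}:`).length + 1}`;
    kv.put(`order:${grant.sub}:${id}`, { id, item: args.item, size: args.size });
    return { id };
  },
  "orders.list": (grant, _args, kv) =>
    kv.list(`order:${grant.sub}:`).map((k) => kv.get(k)),
};

let auditSeq = 0;

// Runs one tool call and always writes an audit record, for denied calls too.
// `call.reason` is the agent's own justification, kept verbatim for review.
function handleToolCall(grant, call, kv) {
  const decision = authorizeToolCall(grant, call.tool);
  const record = {
    seq: ++auditSeq,
    user: grant.sub,
    agent: grant.client_id,
    tool: call.tool,
    reason: call.reason || "(none given)",
    outcome: decision.allowed ? "allowed" : `denied: ${decision.reason}`,
  };
  let result = null;
  if (decision.allowed) result = TOOLS[call.tool](grant, call.args || {}, kv);
  kv.put(`audit:${String(record.seq).padStart(8, "0")}`, record);
  return { ok: decision.allowed, result, audit: record };
}

function auditTrail(kv) { return kv.list("audit:").map((k) => kv.get(k)); }

// Constructed demo: a read/write agent places an order, a read-only agent is
// refused, and both calls land in the audit trail.
function demo() {
  const kv = new MemoryKV();
  const grant = { sub: "user_123", client_id: "agent_shirts", scope: "orders:read orders:write" };
  handleToolCall(grant, { tool: "orders.create", reason: "user asked for a medium tee",
    args: { item: "tee", size: "M" } }, kv);
  handleToolCall({ ...grant, client_id: "agent_readonly", scope: "orders:read" },
    { tool: "orders.create", reason: "trying anyway", args: { item: "tee", size: "L" } }, kv);
  console.log(JSON.stringify(auditTrail(kv), null, 2));
}
demo();
```

The check is deliberately exact-match rather than prefix-based, and the audit record is written before the call returns regardless of outcome; in a Worker you would replace `MemoryKV` with the bound KV namespace or a per-user Durable Object and keep the rest unchanged.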
What does Enterprise Ready MCP mean? — Tobin South, WorkOS
AI Engineer · 2025-06-27 09:31
MCP and AI Agent Development
- MCP is presented as the interface between an AI model and external resources, enabling functionality such as database access and complex computation [3]
- Most teams are still building internal demos and wiring them to APIs; the next step is robust authentication and authorization [9][10]
- Existing tooling has to be adapted for MCP's dynamic client registration, which can flood developer dashboards with auto-registered clients [12]
Enterprise Readiness and Security
- Scaling an MCP server requires handling free-credit abuse, blocking bots, and enforcing robust access controls [12]
- Selling MCP to enterprises requires SSO, lifecycle management, provisioning, fine-grained access controls, audit logs, and data loss prevention [12]
- Regulations such as GDPR impose logging requirements on AI workloads that tooling does not yet widely support [12]
Challenges and Future Development
- Passing scope and access control between different AI workloads remains a significant challenge [13]
- The MCP spec is still evolving; features such as elicitation (the AI asking a human for input) are not yet stable [13]
- Cloud vendors are solving hosting; authorization and access control remain the hardest parts of enterprise deployment [13]
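One way to pass scope between AI workloads without letting it grow along the way, as an added example that is not from the talk, the MCP spec, or the WorkOS SDK: each hop issues the next workload an attenuated grant whose scopes must be a subset of its own, and the receiving resource server re-checks the whole chain. The actor chain follows the `act` claim idea from RFC 8693 token exchange, but recording the parent's `scope` inside each link, the `exp`/`sub`/`client_id` field names and the workload names are assumptions, and signature verification is assumed to have been done by the OAuth layer before these claims are trusted.

```javascript
// Added example: scope attenuation across a chain of AI workloads.
// Illustrative code, not the MCP spec or a vendor SDK. Assumes the grant
// objects are claims from already-verified tokens (sub, client_id, scope, exp).

function parseScopes(scope) {
  return new Set((scope || "").split(" ").filter(Boolean));
}

function chainLength(act) {
  let n = 0;
  for (let a = act; a; a = a.act) n++;
  return n;
}

// Issue a child grant for `childWorkload` from `parent`. Requested scopes the
// parent does not hold are refused rather than silently dropped, so a
// misconfigured workload fails loudly. Expiry can only shrink, the subject
// never changes, and every hop is recorded in the `act` chain.
function delegate(parent, childWorkload, requestedScope, opts = {}) {
  const have = parseScopes(parent.scope);
  const want = parseScopes(requestedScope);
  if (want.size === 0) throw new Error("empty scope");
  const escalation = [...want].filter((s) => !have.has(s));
  if (escalation.length) throw new Error(`scope escalation refused: ${escalation.join(" ")}`);
  const maxHops = opts.maxHops ?? 3;
  const hops = chainLength(parent.act) + 1;
  if (hops > maxHops) throw new Error(`delegation depth ${hops} exceeds ${maxHops}`);
  const now = opts.now ?? Math.floor(Date.now() / 1000);
  const exp = Math.min(parent.exp, now + (opts.ttl ?? 300));
  return {
    sub: parent.sub,
    client_id: childWorkload,
    scope: [...want].sort().join(" "),
    exp,
    act: { client_id: parent.client_id, scope: parent.scope, ...(parent.act ? { act: parent.act } : {}) },
  };
}

// The receiving workload walks the chain back to the root grant it trusts
// (e.g. what token introspection returned for the user's session): each hop
// must hold no more than its parent, and the chain root must not exceed root.
function verifyChain(grant, root) {
  if (grant.sub !== root.sub) return { valid: false, reason: "subject changed along the chain" };
  if (grant.exp > root.exp) return { valid: false, reason: "expiry extended beyond root" };
  let childScopes = parseScopes(grant.scope);
  for (let link = grant.act; link; link = link.act) {
    const parentScopes = parseScopes(link.scope);
    if (![...childScopes].every((s) => parentScopes.has(s))) {
      return { valid: false, reason: `hop ${link.client_id} granted more than it held` };
    }
    childScopes = parentScopes;
  }
  const rootScopes = parseScopes(root.scope);
  if (![...childScopes].every((s) => rootScopes.has(s))) {
    return { valid: false, reason: "chain root exceeds trusted root grant" };
  }
  return { valid: true, reason: "ok" };
}

// Final check at the tool boundary: not expired, and the scope is present.
function requireScope(grant, scope, now = Math.floor(Date.now() / 1000)) {
  if (grant.exp <= now) return { ok: false, reason: "expired" };
  if (!parseScopes(grant.scope).has(scope)) return { ok: false, reason: `missing ${scope}` };
  return { ok: true, reason: "ok" };
}
```

Because each link carries the scope its issuer held, a forged or over-broad `scope` on any hop is detectable from the claims alone; what this cannot detect is a forged chain, which is why the claims must come from a token whose signature the OAuth layer has already verified.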