Changelog

Verified User Access (VUA) is now available for MCP Servers, enabling end users to authenticate with their own credentials when interacting with MCP tools. This delivers enterprise-grade governance and user-level security for AI workflows.

Key Capabilities:

• User-Level Security: Each tool executes with the end user's credentials, ensuring access is always governed by individual permissions.
• Unified Server Setup: Combine recipe functions and API recipes in a single MCP server, eliminating the need for separate API endpoints or collections.
• Flexible Authentication: Configure VUA-enabled tools with Workato Identity Authentication (OAuth2). Credentials are securely stored and reused across tools.

Applications: Enable secure, permission-based workflows such as:

• Jira issue management where users can only view and modify issues they have access to
• Salesforce data retrieval with access limited to assigned accounts and opportunities
• Document processing with user-specific access to applications like Google Docs

Important Limitations:

• API recipes do not support VUA.
• MCP servers must use Workato Identity authentication for VUA; token-based authentication is not supported.

Learn more about MCP Server Verified User Access.