What Happened
Amazon Web Services updated Bedrock AgentCore Gateway to support OAuth 2.0 Authorization Code flow via Amazon Bedrock AgentCore Identity. Teams can now route all MCP server connections through a single Gateway URL instead of configuring authentication individually per server or IDE. The update targets production-grade third-party MCP servers from providers like GitHub, Salesforce, and Databricks, which require delegated user authentication before tool invocation.
Why It Matters
As AI agent deployments scale, the number of MCP servers per organization grows fast. Managing OAuth tokens, routing rules, and access policies at the IDE or application level does not scale. AgentCore Gateway consolidates authentication, observability, and policy enforcement into one control plane. For indie developers and SMEs building on Bedrock, this removes the need to write custom token-refresh logic or embed credentials in application code — both common sources of security incidents in early-stage AI products.
- One Gateway URL replaces N individual MCP server configurations per developer environment
- Token lifecycle is managed by AgentCore Identity, not application code
- Policy enforcement and observability are centralized, simplifying compliance audits
Asia-Pacific Angle
Chinese and Southeast Asian developers building SaaS products for global enterprise customers increasingly need to integrate with Western platforms like Salesforce and GitHub via MCP. These platforms enforce OAuth 2.0 with strict token scoping. AgentCore Gateway's Authorization Code flow support means teams in Singapore, Jakarta, or Shenzhen can connect to these services without standing up a separate OAuth proxy or relying on long-lived API keys — a pattern that frequently fails enterprise security reviews when selling into US or EU markets. AWS infrastructure is available in ap-southeast-1 (Singapore) and ap-northeast-1 (Tokyo), making latency acceptable for regional deployments.
Action Item This Week
If you have an existing Bedrock agent that calls any OAuth-protected MCP server directly, register that server in AgentCore Gateway and replace the direct connection with the single Gateway URL. Test token delegation using the Authorization Code flow in a staging environment before promoting to production.
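Before you can replace direct connections, you need to find them. The following is an added example (not AWS's or this page's own code): a small Python audit that reads a per-developer MCP client config and lists servers that are still connected directly or that carry embedded static credentials. The `mcpServers` config shape, the header and env-var name heuristics, and the Gateway URL placeholder are assumptions.

```python
"""Audit an MCP client config for direct, credential-bearing server entries.

Assumes the common {"mcpServers": {name: {"url", "headers", "env"}}} client
config shape (an assumption, not something the page specifies).
"""
import json
import re

# Replace with your own AgentCore Gateway URL; this is a placeholder.
GATEWAY_URL = "https://GATEWAY-ID-PLACEHOLDER.example/mcp"

# Header names and env-var name fragments that usually carry a long-lived secret.
CREDENTIAL_HEADERS = {"authorization", "x-api-key", "api-key", "x-auth-token"}
CREDENTIAL_ENV_RE = re.compile(r"TOKEN|KEY|SECRET|PASSWORD|CREDENTIAL", re.IGNORECASE)

# Constructed sample config: two direct connections with embedded secrets and
# one server already routed through the gateway. Values are placeholders.
SAMPLE_CONFIG = json.dumps({
    "mcpServers": {
        "github": {
            "url": "https://github-mcp.example/mcp",
            "headers": {"Authorization": "Bearer REDACTED-PLACEHOLDER"},
        },
        "salesforce": {
            "url": "https://salesforce-mcp.example/mcp",
            "env": {"SF_ACCESS_TOKEN": "PLACEHOLDER"},
        },
        "internal-tools": {"url": GATEWAY_URL + "/internal-tools"},
    }
})


def audit_mcp_config(config_text: str, gateway_url: str) -> list[dict]:
    """Return one finding per server that bypasses the gateway or embeds a secret."""
    servers = json.loads(config_text).get("mcpServers", {})
    findings = []
    for name, entry in servers.items():
        url = entry.get("url", "")
        # Remote servers not behind the gateway are candidates for migration;
        # local stdio servers (no url) are out of scope for this check.
        if url and not url.startswith(gateway_url):
            findings.append({"server": name, "issue": "direct connection; route via Gateway URL"})
        for header in entry.get("headers", {}):
            if header.lower() in CREDENTIAL_HEADERS:
                findings.append({"server": name, "issue": f"static credential in header {header}"})
        for var in entry.get("env", {}):
            if CREDENTIAL_ENV_RE.search(var):
                findings.append({"server": name, "issue": f"static credential in env var {var}"})
    return findings


if __name__ == "__main__":
    for finding in audit_mcp_config(SAMPLE_CONFIG, GATEWAY_URL):
        print(f"{finding['server']}: {finding['issue']}")
```

Run it against each developer's real config file in place of `SAMPLE_CONFIG`; every server it lists is one to register in AgentCore Gateway and test in staging first.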