Takashi Norimatsu
Takashi Norimatsu, Ph.D. in Engineering, Senior OSS Specialist, Hitachi, Ltd. is a maintainer of Keycloak, IAM OSS, CNCF incubating project. He has been implemented and contributed to Keycloak security features like FAPI 1.0/FAPI 2.0/FAPI-CIBA security profiles, Model Context Protocol (MCP) authorization part, WebAuthn/Passkeys support. He leads Keycloak's community "OAuth SIG" (Ex FAPI-SIG) for supporting OAuth/OIDC and its related security features to Keycloak.
Session
05-29
10:00
30min
Introducing Elicitation Concept of MCP for Secure Cross-domain Multi-hop API Calls in OAuth World
Takashi Norimatsu
This session explores the possibility of applying the concept of "Elicitation in URL mode", introduced in MCP, to the OAuth world to make cross-domain multi-hop API calls secure and compares it with the existing token-exchange based method.
Arena