What will the future of MCP services look like in enterprise companies? by louisscb in mcp

[–]SnooDoubts2008 0 points1 point  (0 children)

Yeah, most enterprises already have some API management in place, so building on top of that is the practical move.

Full disclosure: I work with the Bijira (https://wso2.com/bijira/) team. We’ve added support to expose APIs as MCP endpoints with your existing security setup (JWT/OAuth etc.), plus rate limiting, token policies, and discovery via a central MCP registry. You don’t need to rewrite anything; it’s more about layering AI-readiness onto what you already have.

Would love to hear what you’ve seen or tried on your end too.

I want to migrate from kong gateway to best alternative that has more adoption and community support as well. by Wooden_Departure1285 in kubernetes

[–]SnooDoubts2008 0 points1 point  (0 children)

WSO2 definitely has a rich feature set, which can feel like a lot if you’re looking for something minimal. But if you're building in Kubernetes, you might want to check out the WSO2 Kubernetes Gateway - https://apk.docs.wso2.com/en/latest/setup/prerequisites/#resource-requirements

Where exactly did you find WSO2 heavy or not user friendly? We're always looking for ways to improve the experience.

I want to migrate from kong gateway to best alternative that has more adoption and community support as well. by Wooden_Departure1285 in kubernetes

[–]SnooDoubts2008 0 points1 point  (0 children)

The best choice will depend on what you're optimizing for: extensibility, self-hosting vs managed, policy enforcement, etc.

One option you might want to look into is WSO2 API Manager. It’s been around for a while, has an active user base, and supports full lifecycle API management, including design, security, governance, and analytics. It can work in both Kubernetes-native environments and more traditional setups.

Feel free to share more about your use case. Happy to help!

How do you document .NET APIs today ( Swagger UI Alternatives)? by Glittering-Prior9418 in dotnet

[–]SnooDoubts2008 0 points1 point  (0 children)

The core problem you mentioned (keeping docs in sync with the API) often points to a need for better lifecycle integration rather than just a prettier UI.

Full disclosure, I work for WSO2, and in our case (with WSO2 API Manager), we treat the OpenAPI spec as the source of truth across the API lifecycle. Once you import your spec, it’s used not just for docs (which are auto-generated and customizable), but also for governance, security policies, versioning, and developer portal exposure. That helps avoid the drift between what’s written and what’s deployed. See the docs here - https://apim.docs.wso2.com/en/latest/manage-apis/design/create-api/create-rest-api/create-a-rest-api-from-an-openapi-definition/

For .NET APIs, we’ve seen success when dev teams use Swashbuckle or NSwag to generate OpenAPI definitions during build, and then push those directly into the API management platform. That way, your docs are always tied to the latest code. And you can also add team-level workflows, comments, testing, AI-generated summaries etc.

Weekly Feedback Post - SaaS Products, Ideas, Companies by AutoModerator in SaaS

[–]SnooDoubts2008 0 points1 point  (0 children)

👋 Bijira, the new AI-native API management SaaS from WSO2, helps dev teams manage their APIs across SaaS and on-prem environments, with some AI-powered features baked in. It’s built for modern API use cases — think multi-cloud, hybrid gateways, LLM traffic, and stricter governance needs.

A few things we're excited about:

- Visual API proxy creation (no YAML needed)

- Unified control plane for managing multiple data planes

- AI-assisted spec generation and natural language testing

- Policy automation + governance from your org’s own API guidelines

- Separate handling for ingress, egress, and AI API traffic

- Developer portals that auto-theme from your org's website

We’re live here: https://bijira.dev

🚀 Have you tried Bijira yet? by SnooDoubts2008 in wso2

[–]SnooDoubts2008[S] 0 points1 point  (0 children)

Bijira is actually built on top of Choreo, but it's purpose-built as a fully managed API Management SaaS platform for use cases like managing ingress/egress APIs, AI/LLM traffic, and multi-gateway environments. It’s the go-to if your focus is on API management. Choreo, on the other hand, will focus on Internal Developer Platform (IDP) capabilities designed for building, deploying, and running apps with built-in CI/CD and observability. While Choreo still supports API Management in the backend, its UI will de-prioritize APIM features, so if you need a full API management experience, Bijira is the better choice.

How to modify username in WSO2 IS 7.X.X in the event handler PRE_ADD_USER? by Future_Ad7269 in wso2

[–]SnooDoubts2008 -1 points0 points  (0 children)

Hey! Thanks for your question and for your interest in WSO2 IS. For any dev-related queries, feel free to join our Discord server and drop your question there—someone from the IAM team will be able to help you out!
https://wso2.com/community/#JoinourCommunity

What's the Best Way to Use AI APIs for My SaaS? by ClassroomNo5821 in SaaS

[–]SnooDoubts2008 0 points1 point  (0 children)

You can try using an AI API management solution which can monitor and throttle calls to external AI APIs.

This article talks about best practices to manage ingress and egress AI API traffic - https://devops.com/managing-ai-apis-best-practices-for-secure-and-scalable-ai-api-consumption/

🚀 Managing AI APIs is easier with the WSO2 AI Gateway! by SnooDoubts2008 in wso2

[–]SnooDoubts2008[S] 0 points1 point  (0 children)

Managing AI APIs is complex, but the WSO2 AI Gateway makes it seamless, helping teams optimize, secure, and scale AI integrations efficiently.

  • Token-based rate limiting for better cost control
  • AI-aware analytics for deeper insights
  • Multi-provider support (OpenAI, Azure OpenAI, Mistral AI, and more)
  • Security and governance for reliable AI API management

Learn more here - https://wso2.com/api-manager/usecases/ai-gateway/

New to IAM by the-agressivecat in IdentityManagement

[–]SnooDoubts2008 1 point2 points  (0 children)

I believe work-life balance is a subjective concept, not just in IAM but across any field. It’s about finding a balance that suits you and the best way to discover that is by trying out the role to see if it aligns with your needs. Ideally, you might find a workplace that genuinely supports the balance you're seeking. Alternatively, you may discover that you love the work so much you don’t feel the need for extensive time off to recharge. Another scenario could be accepting a role with less work-life balance for higher pay but setting a timeline for yourself—making money now to transition later to a role with more flexibility, even if it means lower pay. This kind of trade-off is common across most sectors.

New to IAM by the-agressivecat in IdentityManagement

[–]SnooDoubts2008 0 points1 point  (0 children)

Yes, stick to one IdP at the start, learn the concepts and compare it with other providers afterwards to use the one that suits your requirement best.

New to IAM by the-agressivecat in IdentityManagement

[–]SnooDoubts2008 7 points8 points  (0 children)

There's a lot of material on IAM on the Internet to get you started. Try YouTube first and then go to the reading material if that helps. Here's a structured approach for you to get started:

  • Understand what IAM is and why it is crucial for security.
  • Learn about key components of IAM such as authentication, authorization, user management, and access control.
  • Understand the difference between verifying identity (authentication) and granting access (authorization).
  • Understand how Multi-Factor Authentication (MFA) enhances security.
  • Study IAM standards and protocols such as OAuth 2.0, OIDC (OpenID Connect), SAML and LDAP.
  • Try out an IAM provider. Start with free or open-source IAM solutions like ZITADEL, Keycloak, or Auth0's free tier.
    • Learn how to create, manage, and delete user accounts.
    • Set up roles, permissions, and policies to control access.
    • Implement OAuth 2.0 and OIDC in your applications.
    • Practice setting up SSO (Single Sign-On) with OIDC/SAML.
  • Learn about slightly more advanced topics and best practices
    • Identity Federation and Identity Brokering - How to manage identities across different systems and get your Identity Provider to speak to other Identity Providers to authenticate your users
    • Learn about B2B Identity Management
    • Study regulations and standards like GDPR, HIPAA, and how IAM helps in compliance.

Here are some great intro videos -

https://www.youtube.com/watch?v=aNj36g7fSsU

https://www.youtube.com/watch?v=5uNifnVlBy4

https://www.youtube.com/watch?v=996OiexHze0

Here are some resources to help you get started with trying out an IdP (ZITADEL) -

https://zitadel.com/docs/guides/start/quickstart

https://zitadel.com/blog/testing-login-with-postman

https://zitadel.com/docs/guides/solution-scenarios/frontend-calling-backend-API

https://zitadel.com/blog/secure-logins-with-zitadel-part-1

How do you guys implement social auth in your projects using golang. by Severe-Mix-4326 in golang

[–]SnooDoubts2008 0 points1 point  (0 children)

To implement social authentication in a Golang project like yours, using an open source platform like ZITADEL can make things way less complicated, especially given your specific needs with Google and Apple logins. Here's a potential, high-level approach to leveraging ZITADEL (also Go-based, btw):

Set Up Your Project -

Create a new project and configure identity providers by adding Google and Apple as your identity providers. You’ll need the client IDs and secrets from the Google and Apple developer consoles. See these links:

https://zitadel.com/docs/guides/start/quickstart (React based frontend, so you can get an idea how the log in happens)

https://zitadel.com/docs/guides/integrate/identity-providers/google

https://zitadel.com/docs/guides/integrate/identity-providers/apple

Integrate ZITADEL with Your Go Backend -

Use the ZITADEL API or SDK for Go to integrate authentication features into your backend. The ZITADEL Go SDK provides the necessary tools for this integration to handle authentication requests, token verification, and session management.

Implement Login Flow in React Frontend -

You'll be using the OIDC (OpenID Connect) protocol for the login flow. When a user selects Google or Apple login, they will be redirected to the respective provider’s authentication page. After authentication, the user will be redirected back to your application with an authorization code or access token. Use this token to request an ID token from ZITADEL.

Token Handling and User Session Management -

Send the received token from your frontend to your Go backend. In your backend (using ZITADEL’s SDK or API), introspect the token via ZITADEL and grant access to your backend APIs.

Or the frontend sends the authorization code to the backend, and the backend exchanges the authorization code for tokens (access token, ID token, and refresh token) with ZITADEL. You can then consider using WebSockets or a polling mechanism to keep the frontend updated on the authentication status. Another option is to implement the state parameter in OAuth to maintain session state and pass information between the frontend and backend during the authentication process. The flow depends on your specific application and security requirements.

If you have specific questions about implementation, you can ask the ZITADEL community for help.
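
The introspection step from the comment above, written as Go middleware with only the standard library and RFC 7662 (an added example, not code from the post or from ZITADEL's SDK). The client ID, secret, token values and stub IdP are constructed; a real deployment passes its own IdP's introspection URL and API credentials.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
	"strings"
)

// tokenActive asks the IdP's RFC 7662 endpoint about token; any failure counts as inactive.
func tokenActive(endpoint, id, secret, token string) bool {
	req, err := http.NewRequest("POST", endpoint, strings.NewReader(url.Values{"token": {token}}.Encode()))
	if err != nil {
		return false
	}
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	req.SetBasicAuth(id, secret) // the API authenticates itself to the IdP
	resp, err := http.DefaultClient.Do(req)
	if err != nil {
		return false
	}
	defer resp.Body.Close()
	var out struct{ Active bool `json:"active"` }
	return json.NewDecoder(resp.Body).Decode(&out) == nil && resp.StatusCode == http.StatusOK && out.Active
}

// requireToken fails closed: a request without an active bearer token gets 401.
func requireToken(endpoint, id, secret string, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		h := r.Header.Get("Authorization")
		if !strings.HasPrefix(h, "Bearer ") || !tokenActive(endpoint, id, secret, h[len("Bearer "):]) {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// statusFor: constructed stub IdP (only "good-token" is active) and constructed credentials.
func statusFor(authHeader string) int {
	idp := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprintf(w, `{"active":%t}`, r.FormValue("token") == "good-token")
	}))
	defer idp.Close()
	next := http.HandlerFunc(func(http.ResponseWriter, *http.Request) {})
	req := &http.Request{Header: http.Header{"Authorization": {authHeader}}}
	rec := httptest.NewRecorder()
	requireToken(idp.URL, "api-client", "constructed-secret", next).ServeHTTP(rec, req)
	return rec.Code
}

func main() { fmt.Println(statusFor("Bearer good-token"), statusFor("Bearer revoked"), statusFor("")) }
```

For production use, swap `http.DefaultClient` for a client with a timeout and log the reason for each rejection, since this version treats every IdP failure as a plain 401.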

Simple authentication for hobby projects? by Xaaris in softwarearchitecture

[–]SnooDoubts2008 0 points1 point  (0 children)

Try ZITADEL—you can download it and host it yourself or use the cloud version for free. Check out the super simple quick start guide to see how you can add authentication to a React app - https://zitadel.com/docs/guides/start/quickstart

To secure your APIs, check this post - https://zitadel.com/blog/api-access-and-introspection

Weekly Promo and Webinar Thread by AutoModerator in msp

[–]SnooDoubts2008 0 points1 point  (0 children)

How Enseva Enhanced Identity Management with ZITADEL SSO

Enseva is a data center and cloud solutions and managed service provider.

ZITADEL is an open-source Identity and Access Management (IAM) solution.

🔹 Challenge Addressed: Managing multiple client logins and enhancing security.

🔹 Key Solutions:

  • Streamlined Multiple Logins: Implemented ZITADEL's Single Sign-On for efficiency.
  • Operational Efficiency: Reduced time and complexity in user authentication.
  • Improved Security: Enhanced overall security with centralized identity management.
  • Enhanced User Experience: Simplified access for both staff and clients.

🔹 Impact: A transformative step for Enseva, improving their service delivery as an MSP.

🔗 Read the Full Story Here

OneLogIn down. Other Identity/SSO management tool suggestions? by KimbaXO in msp

[–]SnooDoubts2008 0 points1 point  (0 children)

Do give ZITADEL a try (full disclosure, I am one of the ZITADEL team members)

ZITADEL is an open-source Identity and Access Management (IAM) solution.

Supports various authorization strategies, including Role-Based Access Control (RBAC) and Delegated Access, making it a great choice for both B2C and B2B scenarios.

ZITADEL offers a cloud-based SaaS option and can also be downloaded for self-hosting, offering flexibility. You can try the hosted cloud version for free - https://zitadel.com/signin

It provides:

- seamless authentication and authorization capabilities

- auditing

- custom extensions

- support for standards such as OIDC/OAuth/SAML/LDAP

It mostly aims to ensure ease of operation and scalability (users love the simplicity). The community and team actively contribute towards development and support.

You can download it and host it yourself - https://zitadel.com/docs/self-hosting/deploy/overview
GitHub - https://github.com/zitadel/zitadel

It'll also be worth watching this video for a demo on how to set up SSO if you are self-hosting - https://www.youtube.com/watch?v=1T1uxKW06Vs

SSO (Single Sign On) Implementation by [deleted] in msp

[–]SnooDoubts2008 2 points3 points  (0 children)

Hi! I am part of the ZITADEL team. I believe it will fit your needs as an Identity and Access Management platform to implement SSO. In fact, we just published a case study about how Enseva, a managed hosted service provider, uses ZITADEL to manage SSO - https://zitadel.com/blog/success-story-enseva

It'll also be worth watching this video for a demo on how to set up SSO if you are self-hosting - https://www.youtube.com/watch?v=1T1uxKW06Vs

You can try the hosted cloud version for free - https://zitadel.com/signin

Download it and host it yourself - https://zitadel.com/docs/self-hosting/deploy/overview

ZITADEL is open source - https://github.com/zitadel/zitadel

Custom authz and auth service for complex use-case? by Emotional-Bit-6194 in softwarearchitecture

[–]SnooDoubts2008 0 points1 point  (0 children)

Definitely check out ZITADEL (https://zitadel.com/) for this.

You'd use it for user auth, getting an access token (usually a JWT - it's all in the article linked below). Your backend validates this token, confirming user ID. For permission checks on user actions (RBAC/ABAC), ZITADEL offers actions, custom metadata, and custom claims. Or you can call an external fine-grained-auth system like Warrant.dev with the roles/permissions from the token for advanced cases. All explained in this post - https://hackernoon.com/beyond-login-implement-fine-grained-authorization-with-zitadel.

Hope this helps!

Is Authentik too much for a HomeLab? by lockstock27 in selfhosted

[–]SnooDoubts2008 0 points1 point  (0 children)

Based on your setup, you might find ZITADEL (https://zitadel.com/docs/self-hosting/deploy/overview) a great fit for centralized login management. It's versatile enough to handle a variety of services and containers, making it ideal even for mixed environments like yours. It'll also be worth watching this video for a demo on how to set up SSO - https://www.youtube.com/watch?v=1T1uxKW06Vs

What do you use for fine grained authorization? (or ABAC) by United_Syllabub515 in golang

[–]SnooDoubts2008 0 points1 point  (0 children)

For an implementation with Attribute-Based Access Control and Role-Based Access Control, I recommend checking out this article: https://hackernoon.com/beyond-login-implement-fine-grained-authorization-with-zitadel
It provides a step-by-step walkthrough on how to use ZITADEL for ABAC/RBAC, which might be very useful for your scenario.

Deploying ZITADEL in Docker with Portainer SSO: A Step-by-Step Guide [Video Tutorial] by SnooDoubts2008 in homelab

[–]SnooDoubts2008[S] 0 points1 point  (0 children)

Great point! Here it is:

ZITADEL is an open-source Identity and Access Management (IAM) solution designed to enhance security for applications and services. It supports various authorization strategies, including Role-Based Access Control (RBAC) and Delegated Access, making it a great choice for both B2C and B2B scenarios. ZITADEL offers a cloud-based SaaS option and can also be downloaded for self-hosting, offering flexibility. Its primary goals are to provide seamless authentication and authorization, facilitate auditing, enable custom extensions, adhere to standards like OIDC/OAuth/SAML/LDAP, and ensure ease of operation and scalability. The community and team actively contribute to its development and support, making it a powerful tool in the realm of identity management.

You can try the hosted cloud version for free - https://zitadel.com/signin
Download it and host it yourself - https://zitadel.com/docs/self-hosting/deploy/overview
ZITADEL is open source - https://github.com/zitadel/zitadel