Anthropic’s Model Context Protocol Goes Fully Open-Source Under Linux Foundation, Adds Remote Connectivity with OAuth2 Security
Anthropic moves MCP to Linux Foundation, enabling remote connections with OAuth2 security, ensuring open-source availability.
Anthropic announced today that its Model Context Protocol (MCP) is moving to the Linux Foundation, ensuring permanent open-source availability, while simultaneously expanding from local-only to remote connectivity with OAuth2-based authentication and authorization. The move addresses growing demand for secure, interoperable AI context sharing across distributed applications.
Key Announcement
MCP co-creator David Soria Parra, Member of the Technical Staff at Anthropic, confirmed the protocol’s migration to the Linux Foundation during an interview. We want MCP to be a neutral, community-driven standard, not tied to any single company,
he stated. The Linux Foundation provides the governance and longevity developers expect.
The update also introduces remote connectivity, a capability previously limited to local environments. Parra explained, Applications no longer need to run on the same machine. This unlocks AI assistants that can securely access context from different services anywhere.
Security and Privacy Enhancements
To protect data in transit, MCP now integrates OAuth2 for both authentication and authorization. Security was a core design principle from day one,
Parra emphasized. OAuth2 gives users granular control over what context is shared and with whom, without compromising privacy.
The team worked closely with security experts to ensure the protocol meets enterprise-grade requirements.
Parra noted that the protocol remains lightweight: We didn’t want a heavy security layer that slows things down. OAuth2 fits MCP’s philosophy of minimal overhead with maximum flexibility.
Background
MCP was initially released by Anthropic as a local-only protocol for sharing context between AI models and tools. It quickly gained traction among developers building multi‑agent systems. However, the lack of remote connectivity limited its scalability. Developers asked for a way to connect services across networks securely,
Parra said. Today’s announcement directly answers that need.
The move to the Linux Foundation follows similar initiatives by other open‑source projects seeking neutral stewardship. We want MCP to be a foundation of the AI ecosystem, like HTTP is for the web,
Parra added. The foundation will oversee future development, contributions, and compliance.
What This Means
For developers, MCP’s expansion means they can now build AI applications that share context across cloud services, on‑premise systems, and mobile devices—all with standardized security. This is a game‑changer for federated AI,
said an industry analyst not involved in the development. It removes the last barrier to truly interoperable AI workflows.
The protocol’s open‑source guarantee under the Linux Foundation also reduces vendor lock‑in concerns. Enterprises can adopt MCP knowing it will remain freely available and independently governed. No one needs to worry about a single company controlling the protocol,
Parra noted.
In the longer term, MCP could become a default layer for AI context exchange, analogous to REST for web APIs. The remote connectivity and OAuth2 support position it for production use at scale.
Anthropic will continue to contribute to MCP while ceding control to the foundation. The first remote‑capable version is available today in beta.