MCP Scorecard

ServersPublishersPlatformsBlogAPI
Mission StatementGitHub
← All posts
Spotlight  March 28, 2026

Auth0 and Mastercard Enter the Registry: Identity and Payments Get MCP Servers

Auth0 (Okta) registers an identity management MCP server at score 74. Mastercard registers a developer toolkit at 68. AWS Labs adds OSCAL compliance. Enterprise vendors are no longer watching — they are registering.
MCP Scorecard Research
com.auth0io.github.Mastercardio.github.awslabs

Three enterprise names appeared in this batch that signal a shift in who is building MCP servers.

Auth0: Identity as a Tool Call

com.auth0/mcp scores 74 with 97 stars on github.com/auth0/auth0-mcp-server. Auth0, acquired by Okta in 2021 for $6.5 billion, is one of the largest identity platforms in the world. Their MCP server lets AI agents manage authentication flows, user management, and access control programmatically.

The score of 74 is solid for a new entry. Source repo under the official auth0 GitHub organization. Active development. The only things holding it back from High Trust are its young repo age and limited community metrics — both expected for a newly-launched integration.

The implication is significant. Identity management is one of the most security-sensitive operations in any application. An MCP server that can create users, manage roles, configure authentication policies, and inspect access logs is powerful — and dangerous in the wrong hands. Auth0’s official backing provides some assurance, but this is a server that demands careful permissions review before deployment.

Mastercard: Payment Rails Meet AI Agents

io.github.Mastercard/developers-mcp scores 68 on github.com/Mastercard/developers-agent-toolkit. This is Mastercard’s developer-facing agent toolkit — a bridge between AI agents and Mastercard’s API platform. 44 stars, active repo, official GitHub organization.

Mastercard processes approximately 150 billion transactions per year. Their developer APIs cover payment processing, fraud detection, identity verification, and financial data access. An MCP bridge to this infrastructure means AI agents can potentially interact with payment systems, not just read about them.

AWS Labs: Compliance Gets Computable

io.github.awslabs/mcp-server-for-oscal scores 71 with 29 stars. OSCAL — the Open Security Controls Assessment Language — is a NIST framework for expressing security and compliance requirements as structured data. AWS Labs’ MCP server makes compliance checking a tool call.

This is a quiet but important entry. With the EU AI Act arriving in August 2026, automated compliance checking is becoming essential infrastructure. An OSCAL MCP server means an AI agent can assess whether a system meets specific security controls without a human reading through spreadsheets.

The Pattern

Auth0 (identity), Mastercard (payments), AWS (compliance). These are not weekend projects or individual experiments. They are official repositories from companies that together touch billions of users and trillions of dollars in transactions. The MCP registry is becoming the place where enterprise API platforms publish their AI integration points. The protocol is winning the distribution war not through mandate but through convenience — MCP is simply where agents look for tools.

← Twelve MCP Servers for the UK Parliament: Every Public API, One DeveloperMicrosoft Ships Nine WorkIQ Servers for M365 — All Score 32 →
Article Type
Pulse6Spotlight38Trend7
Archive
March 202633February 202618
Publishers Mentioned
eu.ansvar4com.microsoft3io.github.nick-ma3io.github.D4Vinci3io.github.kubeshark3com.auth02io.github.Mastercard2io.github.rog0x2io.github.junct-bot2io.github.awslabs2io.github.Skyvern-AI2io.github.duriantaco2
~ ~ ~
mcp-scorecard.ai  ·  2026