Blog image

Build Beyond Chat—
Make AI Do Sh*t.

No fluff. Just deep dives into tool-calling and agent auth to make your AI actually useful.

Rays decoration image
Icon
Search icon
Rays decoration image
MCP

Building MCP Together: Arcade's Contribution to Secure Agent Auth

Your AI agent needs to search Gmail for that weekly report. You've built an MCP server, the tool definition, everything's wired up perfectly. One problem: there's no secure path in the protocol to get the OAuth 2.0 bearer token your agent needs to call the Gmail API. This is the gap between MCP's design and production reality. While the protocol handles client-server authentication beautifully, it completely lacks a mechanism for servers to securely obtain third-party credentials. At Arcade.dev

THOUGHT LEADERSHIP

Production-Ready MCP: Why Security Standards Matter for AI Tool Infrastructure

After eight years building authentication systems at Okta, followed by stints at Kong and ngrok working on developer tools and API gateways, I've seen how to build systems that are secure by default. Now at Arcade.dev, I'm watching the MCP ecosystem struggle to get there. The Model Context Protocol has incredible potential for enabling AI agents to interact with real-world systems. But there's a gap between experimental implementations and production-ready infrastructure that most developers ar

THOUGHT LEADERSHIP

The Agent Hierarchy of Needs: Why Your AI Can't Actually Do Anything (Yet)

Your AI can summarize documents you feed it, answer questions about your uploaded PDFs, and explain concepts from its training data. But ask it to pull your actual Q4 revenue from NetSuite, check real customer satisfaction scores, or update a deal in Salesforce? Suddenly it's just guessing—or worse, hallucinating numbers that sound plausible but aren't your data. This disconnect between AI's intelligence and its ability to access real data and take action is why less than 30% of AI projects hav

COMPANY NEWS

We Just Won "Overall Authentication Solution of the Year" — Here's Why It Matters for AI Builders

Arcade.dev just took home "Overall Authentication Solution of the Year" in the 8th Annual AI Breakthrough Awards. And before you roll your eyes at another tech award announcement, let me explain why this actually matters for anyone building AI agents that need to do real work. The Problem We All Keep Hitting You know that moment when your perfectly crafted AI agent suggests "I'll schedule that meeting for you" — and then... doesn't? Because it can't? Yeah, that's the wall everyone's been hit

Rays decoration image
TUTORIALS

How to choose the best Agentic Framework, Part 2: Agentic Delegation

In the previous post in this series, we explored Human-in-the-Loop. Here, we’re exploring Handoffs, which I prefer to call “Agentic Delegation” This post is a companion to a video, I encourage you to watch it! Here’s the experiment setup I’m using the same agentic system. I implemented the same system using three different Frameworks: * LangGraph * OpenAI’s Agents SDK * Google’s Agent Development Kit (ADK) In all cases, the agent uses a “supervisor” architecture, where a single agent re

Rays decoration image
THOUGHT LEADERSHIP

The Day an AI Agent Merged Malicious Code (And What We Learned)

Yesterday started like any other day. Coffee, standup, code review. Then I heard about an incident that made me put down everything. An organization's AI agent had been compromised. Not through some exotic zero-day or sophisticated attack vector. No, this was far more elegant—and terrifying. Their LLM-powered browser agent had autonomously merged a malicious pull request on GitHub. As a real employee. With real permissions. The attack vector? A carefully crafted email sitting in the user's inb

Blog CTA Icon

Get early access to Arcade, and start building now.