Arcade

Arcade is an MCP runtime platform that solves agent authorization. The core insight: when an agent takes actions across business systems (Google Workspace, Slack, Salesforce, GitHub), it should act with a specific user's permissions via OAuth — not shared service account keys. Arcade manages just-in-time OAuth flows per user, so the agent's LLM never sees credentials, and every action is scoped to the authenticated user's access level.

The platform provides 100+ ready-to-use integrations and maintains thousands of MCP tools for popular services. Arcade has published a blog post specifically addressing OpenClaw security concerns, arguing that agents shouldn't have direct access to user tokens. The open-source MCP framework includes built-in OAuth support and eval tooling, and an Arcade Registry (beta) provides a marketplace for building, sharing, and monetizing custom tools.

The free tier includes 1,000 standard tool executions per month with 100 user auth challenges. Paid plans start at $25/month with usage-based scaling. SOC 2 certified, with deployment options spanning cloud, VPC, on-prem, and air-gapped environments. Trusted by LangChain, Snyk, and Relevance AI.