Refine MCP internal access changelog (#24705)

irvinebroque · web-flow · commit 4680cc1b2ef6 · 2025-08-26T12:18:00.000-07:00
diff --git a/src/content/changelog/access/2025-08-26-access-mcp-oauth.mdx b/src/content/changelog/access/2025-08-26-access-mcp-oauth.mdx
@@ -1,13 +1,13 @@
 ---
-title: Access self-hosted applications support MCP OAuth
+title: Manage and restrict access to internal MCP servers with Cloudflare Access
 description: Access self-hosted applications now support MCP OAuth. This allows MCP clients to connect to self-hosted applications through an Access-protected MCP server.
 date: 2025-08-26
 products:
   - access
 ---
 
-[Access self-hosted applications](/cloudflare-one/applications/configure-apps/mcp-servers/linked-apps/) now support OAuth for MCP server authentication. This allows Cloudflare to delegate access from any self-hosted application to an MCP server via OAuth.
+You can now control who within your organization has access to internal MCP servers, by putting internal MCP servers behind [Cloudflare Access](/cloudflare-one/policies/access/).
 
-The OAuth access token authorizes the MCP server to make requests to your self-hosted applications on behalf of the user, using the user's specific permissions and scopes.
+[Self-hosted applications](/cloudflare-one/applications/configure-apps/mcp-servers/linked-apps/) in Cloudflare Access now support OAuth for MCP server authentication. This allows Cloudflare to delegate access from any self-hosted application to an MCP server via OAuth. The OAuth access token authorizes the MCP server to make requests to your self-hosted applications on behalf of the authorized user, using that user's specific permissions and scopes.
 
-For example, your organization may wish to deploy an MCP server that helps employees interact with internal applications. You can configure Access policies to ensure that only authorized users can access those applications, either directly or by using an MCP client.
+For example, if you have an MCP server designed for internal use within your organization, you can configure Access policies to ensure that only authorized users can access it, regardless of which MCP client they use. Support for internal, self-hosted MCP servers also works with MCP server portals, allowing you to provide a single MCP endpoint for multiple MCP servers. For more on MCP server portals, read the [blog post](https://blog.cloudflare.com/zero-trust-mcp-server-portals/) on the Cloudflare Blog.
