MCP Integration Platforms Compared | Ry Walker Research

Key takeaways

The Workday–Pipedream acquisition (Nov 2025) validated the category — agent tool access is now an enterprise infrastructure concern, not a developer convenience
The market splits by auth model: account-owner credentials (Zapier MCP), per-end-user OAuth (Pipedream, Arcade, Nango), and per-tenant embedded auth (Paragon)
Catalog size is commoditizing — context-window-aware tool exposure (Klavis Strata, Arcade's runtime) is the new differentiation axis
First-party directories (Anthropic's 100+ connectors, Google's managed MCP servers) are commoditizing popular integrations, pushing platforms toward auth, governance, and the long tail

FAQ

What is an MCP integration platform?

A platform that gives AI agents authenticated access to third-party SaaS tools — typically via hosted MCP servers, pre-built tool catalogs, and managed OAuth so credentials never enter the agent runtime.

Which MCP integration platform has the most integrations?

Zapier MCP exposes 9,000+ apps and 30,000+ actions — the largest catalog. Pipedream Connect covers 3,000+ apps with per-end-user OAuth, and Composio offers 1000+ toolkits built specifically for agents.

Which MCP integration platforms are open source?

Composio and Klavis AI are open source (Apache 2.0). Nango is source-available (Elastic License 2.0). Arcade open-sources its MCP server framework, and Pipedream publishes its component registry.

How do these platforms differ on authentication?

Zapier MCP uses the account owner's credentials. Pipedream, Arcade, and Nango manage per-end-user OAuth so agents act as individual users. Paragon manages per-tenant auth for B2B SaaS products embedding agents.

Related: For platforms that deploy the agents themselves, see Team Agent Platforms Compared. For agent development frameworks, see Agent Frameworks Compared.

Executive Summary

MCP integration platforms solve the "last mile" problem for AI agents: authenticated access to the SaaS tools where real work happens. Rather than every team building OAuth flows and API wrappers, these platforms provide hosted MCP servers, pre-built tool catalogs, and managed credential lifecycles — so agents can act in GitHub, Slack, Salesforce, and thousands of other apps without credentials ever entering the model's context.

Key Findings:

The category got its validation event — Workday's acquisition of Pipedream (announced November 2025) signals that agent tool access is enterprise infrastructure, not developer tooling^[1]
Auth model is the real differentiator — Zapier MCP acts as the account owner; Pipedream, Arcade, and Nango manage per-end-user OAuth; Paragon manages per-tenant auth for embedded agents^[2]^[3]
Context-window economics matter — exposing thousands of tools bloats agent context; Klavis's Strata progressively discloses tools in stages and benchmarks above official single-app servers^[4]
The spec itself is contested ground — Arcade co-authored the URL Elicitation proposal with Anthropic, standardizing in-conversation OAuth for MCP servers^[5]

Strategic Planning Assumptions:

By 2027, per-end-user authorization will be a procurement requirement for enterprise agent deployments
By 2027, at least one more MCP integration platform will be acquired by an enterprise software vendor following Workday's playbook
By 2028, first-party directories will serve the top 100 integrations, leaving independent platforms to compete on auth, governance, and the long tail

Market Definition

MCP integration platforms give AI agents authenticated access to third-party SaaS tools. Core capabilities:

Hosted MCP servers — tools exposed over the Model Context Protocol to any compliant client
Managed auth — OAuth flows, token refresh, and credential storage handled by the platform; credentials never reach the model
Tool catalogs — pre-built, maintained integrations rather than hand-rolled API wrappers
Scoping — sessions scoped to an end user, tenant, or account depending on the platform

Inclusion Criteria:

Primarily an integration/tool-access layer for AI agents (not an agent framework or client)
Ships managed MCP servers and/or agent-native tool APIs with managed auth
Real shipped product with meaningful traction (funding, stars, or vendor backing)

Exclusion Criteria:

Agent frameworks (LangChain, CrewAI) — consume these platforms rather than compete with them
Single-app MCP servers and registries/directories (Smithery, Glama, the official MCP registry) — discovery and distribution, not managed access
Enterprise MCP gateways (TrueFoundry, Portkey, Turbo MCP) — govern servers others build; adjacent category
First-party directories (Anthropic's connectors, Google's managed MCP servers^[6]) — distribution channels from model/cloud vendors, not independent platforms

Comparison Matrix

Platform	Segment	Open Source	Catalog	Auth Model	Pricing	Stage
Arcade	Auth-first runtime	Partial (MCP framework, MIT)	8,000+ tools	Per-end-user OAuth + IdP	Free / $25+/mo + usage	$12M seed
Composio	Tool catalog	✅ (27K stars)	1000+ toolkits	Managed OAuth	Free tier / usage	$29M Series A
Klavis AI	Tool catalog (OSS)	✅ Apache 2.0 (5.7K stars)	300+ services	Managed OAuth, SOC 2	Free / enterprise	YC X25 seed
Nango	Auth-first	Source-available ELv2 (10.3K stars)	800+ APIs	Per-connection managed OAuth	Free / $50+/mo	$7.5M seed
Paragon	Embedded iPaaS	MCP server only (MIT)	130+ apps, 1,000+ actions	Per-tenant OAuth	Quote-based	$16M+ raised
Pipedream	Tool catalog	Partial (component registry)	3,000+ apps, 10,000+ tools	Per-end-user OAuth	Credit-based	Workday-owned
Zapier MCP	Incumbent catalog	—	9,000+ apps, 30,000+ actions	Account-owner credentials	Plan task quotas	GA (profitable parent)

How the Market Segments

Segment	Members	Competes On
Auth-first infrastructure	Arcade, Nango	OAuth lifecycle, per-user scoping, agent-acts-as-user security
Full tool catalogs	Composio, Klavis AI, Pipedream, Zapier MCP	Catalog breadth, tool quality, context efficiency
Embedded iPaaS for B2B SaaS	Paragon	Per-tenant auth and normalized actions inside your product's agents

Adjacent but excluded: registries/marketplaces (Smithery's ~7,000 servers, Glama's directory), enterprise MCP gateways (TrueFoundry, Portkey), and first-party channels (Anthropic's connectors directory, Google's 50+ managed MCP servers^[6]). Watchlist for future inclusion: ACI.dev, StackOne, Merge's Agent Handler, Smithery.

Platform Profiles

Arcade

Auth-first MCP runtime — agents act as the authenticated end user^[7]

User-scoped OAuth + IdP integration — agents get the end user's permissions, not a service account's
Spec influence — co-authored URL Elicitation with Anthropic, now in the MCP spec^[5]
8,000+ prebuilt tools plus an open-source MCP server framework with evals built in
Seed stage — $12M (Laude Ventures); customers include LangChain and Snyk

Best For: Enterprises that need agents acting under individual user permissions with IdP integration.

Composio

Open source agent integration layer — 1000+ toolkits, managed auth, 27K stars^[8]

1000+ toolkits built agent-native, with managed OAuth and sandboxed execution
Framework-agnostic — OpenAI, Anthropic, LangChain, CrewAI, AutoGen, Vercel AI SDK
Skill learning — tool-usage knowledge improves across agents^[9]
Best-funded independent — $29M (Lightspeed-led Series A, July 2025)

Best For: Teams building custom agents that need broad SaaS coverage with agent-native ergonomics.

Klavis AI

Open-source MCP platform with context-aware tool exposure — Strata unified server^[10]

Strata progressive discovery — exposes servers → categories → actions → schemas in stages to fit the context window; outperforms official GitHub/Notion servers on MCPMark^[4]
300+ services with managed OAuth; SOC 2 Type II
MCP sandboxes for agent training and RL
Early — YC X25, team of 3; the most direct open-source Composio competitor

Best For: Teams hitting context-window limits with large tool catalogs; open-source-first builders.

Nango

Auth-first integration infrastructure with a hosted MCP server — 800+ APIs^[11]

Managed OAuth across 800+ APIs — connections, token refresh, webhooks, authenticated proxy
Per-connection MCP scoping — each MCP session bound to one user connection; credentials never enter the agent runtime
Code-first and self-hostable (Elastic License 2.0); 10K+ engineering teams, customers include Replit and Ramp
Capital-efficient — $7.5M seed (Gradient, April 2026), cash-flow positive pre-raise^[12]

Best For: Engineering teams that want auth infrastructure under their control, with MCP as one consumption surface.

Paragon

Embedded iPaaS rebuilt for AI — ActionKit gives your product's agents 1,000+ actions^[3]

Per-tenant managed auth — each of your customers connects their own SaaS accounts
ActionKit as API or MCP server — 130+ integrations, 1,000+ actions, listed in Anthropic's registry
Built for B2B SaaS — agents inside your product, not your internal tooling
Quote-based pricing — metered on connected users; founded 2019, SOC 2 Type II

Best For: B2B SaaS companies shipping agents inside their own product that act on customers' connected tools.

Pipedream

Per-end-user MCP servers over a 3,000-app catalog — now part of Workday^[13]

Dedicated MCP servers per app, per end user via Connect; fully managed end-user OAuth
10,000+ pre-built tools on a workflow platform with 5,000+ customers
Workday acquisition (announced Nov 2025) — category validation, but roadmap uncertainty for third-party developers^[1]
Credit-based pricing; Connect free in dev mode

Best For: Teams wanting the deepest per-end-user MCP catalog — with eyes open about Workday's roadmap priorities.

Zapier MCP

The incumbent's entry — 9,000+ apps, 30,000+ actions through one endpoint^[2]

Largest catalog in the category by an order of magnitude
Hosted MCP server per user with first-party Claude and ChatGPT setup flows
Account-owner credentials — no per-end-user OAuth; weaker for embedded/multi-user scenarios
Zero vendor risk — profitable parent; but agent infrastructure is not Zapier's core business

Best For: Individuals and teams wanting maximum app coverage for agents acting under one account.

Gap Analysis

Feature	Arcade	Composio	Klavis	Nango	Paragon	Pipedream	Zapier MCP
Per-end-user OAuth	✅	✅	✅	✅	✅	✅	—
Per-tenant (embedded B2B)	—	—	—	✅	✅	✅	—
Open source / source-available	Partial	✅	✅	✅	Partial	Partial	—
Self-hosted option	✅	—	✅	✅	On-prem	—	—
Context-aware tool exposure	✅	✅	✅	—	—	—	—
IdP / SSO integration	✅	—	—	—	—	—	—
1,000+ app catalog	—	✅	—	—	—	✅	✅
Independent vendor	✅	✅	✅	✅	✅	— (Workday)	✅

Key gaps across the market:

No platform combines Zapier-scale catalog breadth with per-end-user auth — Pipedream comes closest
Governance is immature — audit trails, RBAC, and approval flows for agent tool calls are early everywhere; enterprise gateways are filling the gap from the outside
Pricing is hard to compare — connections, tool calls, tasks, credits, and connected users all meter differently; expect normalization pressure

Strategic Recommendations

By Use Case

Use Case	Recommended	Runner-Up
Agents acting as individual employees	Arcade	Pipedream
Custom agents, broad SaaS coverage	Composio	Klavis AI
Open-source requirement	Klavis AI	Composio
Auth infrastructure you control	Nango	Arcade
Agents embedded in your B2B product	Paragon	Nango
Maximum app coverage, single account	Zapier MCP	Pipedream
Large catalogs without context bloat	Klavis AI (Strata)	Composio

By Buyer Profile

Solo builders / prototypes: → Zapier MCP for instant coverage; Klavis AI's free tier for open-source work.

Startups building agent products: → Composio or Klavis AI for tool breadth; Nango if integrations are core to your product and you want code-level control.

B2B SaaS adding agents to your product: → Paragon's ActionKit for per-tenant auth; Nango for a code-first alternative.

Enterprises deploying internal agents: → Arcade for IdP-integrated, user-scoped authorization; evaluate Pipedream with Workday's roadmap in mind.

Market Outlook

Near-Term (2026)

Workday closes the Pipedream acquisition; expect enterprise-suite bundling and at least one competitive response acquisition
Per-end-user authorization patterns (URL Elicitation) ship in mainstream MCP clients
First-party directories keep absorbing the most popular integrations^[6]

Medium-Term (2027-2028)

Auth-first and catalog-first platforms converge — auth players add catalogs, catalog players deepen auth
Agent tool-call governance (who authorized what, when) becomes a compliance requirement, favoring platforms with audit-grade logging
Registry/marketplace players consolidate or get absorbed by platforms and model vendors

Long-Term (2029+)

Managed tool access becomes default infrastructure, like payment processing — built by few, used by all
The MCP spec (now under the Linux Foundation) becomes the assumed substrate; differentiation moves entirely to auth, governance, and reliability

Bottom Line

MCP integration platforms are where agent ambition meets SaaS reality. The category's defining question is whose credentials does the agent hold? Account-owner models (Zapier MCP) are simplest; per-end-user models (Arcade, Pipedream, Nango) are what enterprises will require; per-tenant models (Paragon) serve products embedding agents.

Current Leaders:

Composio for agent-native tool breadth with open source and the strongest independent funding
Pipedream for per-end-user MCP depth — now with Workday's resources and Workday's priorities
Zapier MCP for raw coverage under a single account

Rising Challengers:

Arcade for enterprise-grade, IdP-integrated authorization and direct influence on the MCP spec
Klavis AI for context-efficient tool exposure (Strata) as catalogs outgrow context windows
Nango for capital-efficient, code-first auth infrastructure

Start with the auth model your deployment requires, then choose the largest catalog that supports it.

Research by Ry Walker Research • methodology

Sources