Type: Suggestion
Resolution: Unresolved
Component/s: API - Model Context Protocol
Current situation
Currently, the Atlassian Rovo MCP (Model Context Protocol) server relies primarily on standard user-interactive OAuth 2.1 authorization code flows (3LO) or global API tokens for authentication. For large enterprise organizations utilizing centralized API Gateways (e.g., Gravitee) and Identity Providers (e.g., Microsoft Entra ID), this creates significant friction. There is no native mechanism to perform a non-interactive, machine-to-machine token exchange that preserves the individual employee's identity.
Suggested improvement
Implement an "Enterprise-Managed Authorisation" extension for the Atlassian Rovo MCP server that supports secure, non-interactive token exchange patterns.
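To make the requested pattern concrete, the following is an added example, not Atlassian code and not part of this ticket, of the server side of an OAuth 2.0 Token Exchange (RFC 8693) that a gateway could call non-interactively on an employee's behalf. The gateway presents the employee's IdP-issued token as `subject_token` and its own machine token as `actor_token`; the token that comes back keeps the employee as `sub` and records the gateway in the `act` claim, so the downstream MCP server still sees who the request is for. All issuers, audiences, keys, scopes and the `run_exchange` helper are hypothetical, and HS256 is used only so the example runs without dependencies.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed keys and names for the example; none of these are Atlassian's.
# HS256 keeps the example dependency-free; a real deployment would use
# asymmetric keys published through JWKS.
IDP_KEY = b"constructed-idp-signing-key"
EXCHANGE_KEY = b"constructed-mcp-exchange-signing-key"
IDP_ISSUER = "https://idp.example.test"              # hypothetical enterprise IdP
GATEWAY_AUDIENCE = "api://gateway.example.test"      # hypothetical gateway API
EXCHANGE_ISSUER = "https://mcp.example.test/oauth"   # hypothetical exchange endpoint
MCP_AUDIENCE = "https://mcp.example.test"            # hypothetical MCP resource
GATEWAY_CLIENT = "api-gateway"                       # hypothetical registered client
TOKEN_EXCHANGE_GRANT = "urn:ietf:params:oauth:grant-type:token-exchange"
JWT_TOKEN_TYPE = "urn:ietf:params:oauth:token-type:jwt"
ALLOWED_SCOPES = {"read:jira-work", "read:confluence-content.all"}  # hypothetical
TOKEN_LIFETIME = 300


def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_jwt(claims: dict, key: bytes) -> str:
    """Mint a compact HS256 JWT (minimal, for the example only)."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64url(sig)}"


def verify_jwt(token: str, key: bytes, issuer: str, audience: str, now: int) -> dict:
    """Check signature, issuer, audience and expiry; return the claims."""
    header, body, sig = token.split(".")
    expected = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig)):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(body))
    if claims.get("iss") != issuer:
        raise ValueError("wrong issuer")
    if claims.get("aud") != audience:
        raise ValueError("wrong audience")
    if int(claims.get("exp", 0)) <= now:
        raise ValueError("expired")
    return claims


def exchange_token(request: dict, now: int) -> dict:
    """Server side of RFC 8693: validate both presented tokens, then issue a
    short-lived token for the MCP audience that keeps the employee as `sub`
    and names the gateway in `act`."""
    if request.get("grant_type") != TOKEN_EXCHANGE_GRANT:
        return {"error": "unsupported_grant_type"}
    if request.get("subject_token_type") != JWT_TOKEN_TYPE:
        return {"error": "invalid_request"}
    try:
        actor = verify_jwt(request["actor_token"], IDP_KEY, IDP_ISSUER, EXCHANGE_ISSUER, now)
        subject = verify_jwt(request["subject_token"], IDP_KEY, IDP_ISSUER, GATEWAY_AUDIENCE, now)
    except (KeyError, ValueError) as exc:
        return {"error": "invalid_grant", "error_description": str(exc)}
    if actor.get("sub") != GATEWAY_CLIENT:
        return {"error": "invalid_client"}
    requested = set(request.get("scope", "").split())
    if not requested or not requested <= ALLOWED_SCOPES:
        return {"error": "invalid_scope"}
    issued = {
        "iss": EXCHANGE_ISSUER,
        "sub": subject["sub"],          # employee identity preserved end to end
        "aud": MCP_AUDIENCE,            # bound to the MCP server, not reusable elsewhere
        "act": {"sub": actor["sub"]},   # RFC 8693 delegation: which machine acted
        "scope": " ".join(sorted(requested)),
        "iat": now,
        "exp": now + TOKEN_LIFETIME,
    }
    return {"access_token": sign_jwt(issued, EXCHANGE_KEY), "issued_token_type": JWT_TOKEN_TYPE,
            "token_type": "Bearer", "expires_in": TOKEN_LIFETIME, "scope": issued["scope"]}


def run_exchange(employee: str, scope: str, subject_exp_offset: int, now: int = 0) -> dict:
    """Hypothetical driver: mint both input tokens as the IdP would, call the
    exchange, and verify the result as the MCP server would. Returns the
    downstream claims, or the error response if the exchange was refused."""
    now = now or int(time.time())
    subject_token = sign_jwt({"iss": IDP_ISSUER, "sub": employee, "aud": GATEWAY_AUDIENCE,
                              "exp": now + subject_exp_offset}, IDP_KEY)
    actor_token = sign_jwt({"iss": IDP_ISSUER, "sub": GATEWAY_CLIENT, "aud": EXCHANGE_ISSUER,
                            "exp": now + 3600}, IDP_KEY)
    response = exchange_token({"grant_type": TOKEN_EXCHANGE_GRANT, "subject_token": subject_token,
                               "subject_token_type": JWT_TOKEN_TYPE, "actor_token": actor_token,
                               "actor_token_type": JWT_TOKEN_TYPE, "scope": scope}, now)
    if "error" in response:
        return response
    return verify_jwt(response["access_token"], EXCHANGE_KEY, EXCHANGE_ISSUER, MCP_AUDIENCE, now)


if __name__ == "__main__":
    print(json.dumps(run_exchange("alice@example.test", "read:jira-work", 3600), indent=2))
    print(run_exchange("alice@example.test", "read:jira-work", -60))    # expired subject token
    print(run_exchange("alice@example.test", "write:jira-work", 3600))  # scope not on allow-list
```

Three properties matter for the enterprise case the ticket describes: the subject token must be audience-bound to the gateway so a stolen IdP token cannot be exchanged by an arbitrary client, the actor token must identify a registered machine client so the `act` claim is trustworthy for audit, and the issued token should be short-lived and scoped down to what the MCP server needs rather than inheriting a global API token's reach.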