Enterprise Ready Conference 2025 Recap

On October 22, 2025, Enterprise Ready Conference brought together hundreds of product, engineering, and AI leaders at San Francisco's SF Jazz Center for a conversation about what it takes to build AI products that enterprise customers will actually buy.

This article is part of our Enterprise Ready Conference 2025 series: 

• Michael Grinich's ERC 2025 Opening Keynote: Crossing the Enterprise Chasm in the Age of AI
• MCP.shop Demo: How WorkOS Powers Identity and Auth for AI Agents
• Security in the Age of AI: Old Problems Meet New Risks
• The Productivity Paradox: When AI Tools Make Things Worse Before They Make Them Better
• CTO Panel: AI is Transforming Engineering Teams Faster Than Expected
• Beyond the Hype: What Actually Works for Production AI Systems
• The Bring Your Own Cloud Movement: Nuon's Solution for Enterprise AI Deployment
• Metronome's Lightning Demo: Building Enterprise-Ready Monetization in Real Time
• Augment Code: Context Is the New Compiler
• Sentry's Lightning Demo: When AI Meets Error Resolution
• The Future of Agent Identity Is Already Here: Tobin South at ERC 2025
• The Feature You'll Rebuild Three Times: Authorization at Scale
• When PLG Meets Enterprise: Drew Houston on Building Dropbox from Viral Growth to $2.5B in Revenue

The conference positioned itself at a critical inflection point. Every software company is becoming an AI company, but very few AI companies are becoming enterprise-ready.

The gap between building impressive demos and shipping products that pass enterprise security reviews remains wide, and Enterprise Ready Conference tackled that gap head-on.

‍

Opening Keynote

Michael Grinich, WorkOS CEO and Founder, opened the conference by framing the central challenge facing AI startups today.

While AI applications are growing faster than any previous category of software, they're also hitting enterprise adoption blockers earlier in their lifecycle.

The traditional path to enterprise readiness—authentication, authorization, audit logs, and compliance features—isn't optional anymore. It's table stakes, and AI companies need to ship these capabilities while they're still figuring out their core product.

Read the full keynote breakdown here.

You can watch the full keynote below: 

‍

Tobin South Demos Auth and Identity for MCP integrations via AuthKit with the ChatGPT Apps SDK

Michael next segued into the first lightning demo of the day, proving that auth and identity for agents is already here, powered by WorkOS AuthKit. MCP servers are great at exposing functionality to AI agents and LLMs, but how do you ensure you know who your agent is working on behalf of, and what actions they are allowed to perform?

Tobin South, who joined WorkOS after Michael discovered his MIT research on agent identity via a tweet, took the stage to demonstrate the answer. His demo centered on mcp.shop, a real working e-commerce store selling exclusive MCP-branded t-shirts that can only be accessed through ChatGPT's Apps SDK—a perfect example of how enterprise-grade authentication enables AI agents to handle sensitive operations like transactions.

The Technical Challenge

When OpenAI announced the ChatGPT Apps SDK just weeks prior to ERC, it opened up access to over 700 million weekly active ChatGPT users. But there's a critical problem: if you're building a ChatGPT app that connects to sensitive data, corporate information, or needs to perform transactions (like buying something), you can't just use public APIs.

You need OAuth. You need robust authentication. You need to know who is making the request.This is exactly what WorkOS Connect and AuthKit solve.

‍

The Demo: From Connection to Transaction

Tobin walked through the complete flow live on stage:

1. Creating the Connection: In ChatGPT's developer mode, he created a new connector for "mcp.shop," explicitly turning on OAuth authentication—"because we need valid user accounts. We don't want everyone buying and DDoSing us with shirts."

1. OAuth Authorization Flow: When ChatGPT attempted to connect to mcp.shop, it triggered a standard OAuth flow powered by WorkOS Connect. This ensured that only authenticated users with proper permissions could access the store.

1. Preserved User State: Once connected, Tobin asked ChatGPT to "show me the MCP shop store." ChatGPT rendered an interactive iframe displaying the exclusive t-shirt, complete with Tobin's user details already pre-filled from a previous session—demonstrating how WorkOS maintains secure session state across interactions.

1. Completing the Transaction: In the live demo, Tobin placed an actual order for the shirt directly through ChatGPT, with all the enterprise-grade security guarantees you'd expect: authenticated user, proper authorization, audit trails, and secure token management.

Why This Matters

What made this demo powerful wasn't just that it worked (though the live transaction certainly helped). It was what it represented: AI agents performing real business operations with enterprise-grade security, today.Under the hood, mcp.shop uses:

• MCP (Model Context Protocol) for the communication layer between ChatGPT and the application

• WorkOS Connect for OAuth 2.1 federation and identity management

• WorkOS AuthKit for user authentication and session management

• Dynamic client registration with proper security controls

The result? Developers can connect their existing applications—with existing user bases—to ChatGPT's 700 million users without complex migrations or security compromises. The authentication layer just works, handling token refresh, session management, and authorization automatically.

Agent Identity in Action

This demo perfectly illustrated the core thesis of Tobin's later talk on agent identity: AI agents aren't just users, and they're not quite service accounts either. They exist in a "fuzzy middle" where they act on behalf of users but operate at machine speed and scale.The mcp.shop demo showed how WorkOS handles this complexity:

• WHO: The authenticated user (Tobin) authorized ChatGPT to act on his behalf

• WHAT: Specific permissions were granted (view products, place orders) through OAuth scopes

• WHEN: Session management ensured the authorization remained valid across interactions

• WHERE: The transaction was logged and auditable, critical for enterprise compliance

As Tobin noted, mcp.shop is available as a demo repository for developers who want to build ChatGPT Apps SDK integrations. But more importantly, it's proof that the future of agent identity isn't theoretical—it's production-ready today.

‍And yes, you really can get an exclusive MCP shirt by asking ChatGPT. Just make sure your OAuth flow is properly configured first.

James Cowling Demos AuthKit for Platforms: Embedded Enterprise Auth for Convex

Following Tobin's demonstration of connecting apps to ChatGPT, Michael shifted gears to show how platforms themselves can embed WorkOS authentication directly into their services. To demonstrate this, he welcomed James Cowling, co-founder and CTO of Convex, to the stage.

Convex is a backend platform that provides real-time data synchronization for application developers—think of it as eliminating the entire complexity of keeping your frontend and database in sync. But as James explained, there's one critical piece every serious application needs: authentication.

The Platform Onboarding Dilemma

James got straight to the problem that has plagued every platform company trying to offer enterprise-grade auth:

"Almost any interesting application that stores critical state needs an auth story," he explained.

"Convex has built-in basic auth for our free users. But our customers skew very heavily towards real companies that want real enterprise-grade auth because they plan to scale their businesses. And this is a challenge for us."

The challenge? Developer onboarding. James emphasized that this wasn't just an inconvenience—it was an existential threat to conversion:

‍

"It's very important to me and to us and to our customers that this is a smooth experience. This is our magic moment. This is our chance to get people to be customers of Convex."

In the traditional model, developers had to:

1. Break out of the Convex onboarding flow at the critical moment

1. Navigate to a third-party auth provider

1. Go through a separate signup and onboarding process

1. Copy configuration credentials

1. Paste them back into Convex

1. Hope they hadn't lost momentum (and the customer) in the process

"What is very negatively impactful to our onboarding experience is that people have to break out of this flow, go to a third party, sign up for a different service, go through their onboarding flow, copy a bunch of configuration state, paste it into Convex, and we potentially lose them as customers in the process," James said. "And this is why I'm excited about AuthKit."The Demo: Five Seconds to Enterprise-Grade AuthWhat happened next was remarkable in its simplicity. James created a new Convex project live on stage, selecting an email address he confirmed he'd never used with WorkOS before.Then, something that normally takes hours happened in seconds:

1. Automatic Provisioning: Behind the scenes, Convex called WorkOS partner APIs to provision a new WorkOS environment

1. Instant Deployment: "The product is deployed," James announced. Total time: approximately 5 seconds.

1. Pre-configured Application: The live application appeared, running in the cloud with WorkOS authentication already integrated

1. Zero Configuration Required: When James navigated to the authentication settings panel, all the OAuth details that he "personally hates filling out anytime I'm building a Convex project" were already there

"This is interestingly the biggest friction for us," James noted. "People say they love the platform but it's a pain to get auth set up. So this solves this problem."

From Prototype to Production in One Flow

But James wasn't done. He demonstrated the second critical piece: the transition from quick prototype to production-ready application.After the instant setup, an email invitation appeared: "You've been invited to WorkOS." This allows developers to claim their WorkOS environment when they're ready, gaining access to:

• Full admin controls for their authentication setup

• The ability to configure SSO, SCIM, and other enterprise features

• Audit logs and compliance tools

• Everything needed for enterprise deployment

"So okay, cool, you're an enterprise now," James smiled. "You have a working application. It took you approximately 5 seconds to do so."

Morning Panels

The New Security Stack

The morning's first panel brought together Ahmad Nassri from Socket, Alan Braithwaite from Runreveal, Mokhtar Bacha from Formal, and Umaimah Khan from Opal Security to discuss how enterprise security is evolving in the age of AI.

You can read the full security panel write up here.

You can watch the full panel recording below:

The conversation surfaced a theme that would echo throughout the day: traditional security models weren't designed for autonomous agents making decisions and taking actions on behalf of users.

As one panelist put it, "Writing auth for MCP is like writing your own printer drivers." The comparison landed because it captured something essential about where we are with AI security.

Everyone knows it needs to be solved, the approaches are fragmented and immature, and most developers would rather use someone else's battle-tested solution than build their own.

The panel emphasized that "In Zero Trust we believe" is becoming the operational reality for companies shipping AI agents into enterprise environments.

AI Productivity in Practice

The second morning panel featured Claire Vo from ChatPRD, Cristina Cordova from Linear, Dani Grant from Jam, and Quinn Slack from Amp discussing how AI is actually changing how their teams work.

You can read the full panel recap here.

Rather than focusing on futuristic scenarios, the conversation stayed grounded in what's working today.

The biggest productivity gains weren't coming from replacing entire workflows with AI—they were coming from smoothing the rough edges of existing tools.

Searching through Linear issues faster, generating first drafts of PRs, summarizing long Slack threads. The magic was in the margins.

Lightning Demos

The afternoon kicked off with rapid-fire demonstrations from four companies solving different pieces of the enterprise puzzle.

Cosmo Wolfe from Metronome presented on how enterprise billing has fundamentally changed.

Metronome powers usage-based billing for OpenAI, Anthropic, Databricks, and Nvidia—companies that have had to invent new pricing models because their products don't fit traditional seat-based licensing.

Jon Morehouse from Nuon demonstrated their "Bring Your Own Cloud" approach, showing how enterprise customers increasingly want to run software in their own infrastructure with day-two operational controls.

Chris Kelly from Augment Code showcased their AI coding assistant, while David Cramer from Sentry demonstrated Seer, their AI-powered error resolution tool that can integrate with development tools like Cursor to automatically generate solutions for production issues.

WorkOS Product Announcements

WorkOS announced several product releases, each addressing a different aspect of enterprise readiness for AI applications.

Advanced RBAC

Pavan Kulkarni, Engineering Manager at WorkOS, walked through a detailed Figma case study that illustrated the complete lifecycle a startup goes through when building enterprise authorization.

His key takeaways hit home for many in the audience: each growth stage reshapes what your authorization system needs to do. The path typically goes from simple RBAC to ABAC to policy engines to fine-grained authorization, but there's no unified consensus on what an enterprise-scale solution should look like.

Identity for Agents

Tobin South from WorkOS's AI Agents team gave two presentations that bookended the identity challenges facing AI applications. Early in the day, he demonstrated MCP.shop, a working prototype that uses WorkOS authentication with the ChatGPT Apps SDK to let users order merchandise through a conversational interface.

The demo showed how AI interactions require the same identity and access control infrastructure that traditional applications need.

His later full session on identity for agents went deeper. The message was clear: the infrastructure for agent identity is already here.

WorkOS and AuthKit provide the same robust authentication, authorization, and audit capabilities for AI agents that enterprises already trust for human users.

When agents act on behalf of users, they need to carry user identity through multiple systems, respect existing permission boundaries, and leave audit trails. WorkOS makes this possible today.

WorkOS Pipes

Dan Dorman introduced WorkOS Pipes, a new product that addresses one of the most tedious parts of building integrations: managing OAuth tokens. Instead of every developer implementing their own OAuth flows, token refresh logic, and credential storage for each third-party service, Pipes provides fresh access tokens on demand.

The developer experience is clean:

const token = await workos.pipes.getAccessToken({
    userId: user.id,
    provider: 'github'
});

Developers then use these tokens directly with provider SDKs, maintaining full control while offloading security-critical token management to WorkOS.

API Keys for Agents

Nick Holden demonstrated WorkOS's new API key management system designed specifically for AI agents, with the key feature being immediate revocability.

When an agent misbehaves or a key gets compromised, you can shut it down instantly.

WorkOS Studio

WorkOS also unveiled Studio, an AI-powered integration platform that lets teams build connections and workflows between enterprise applications without writing extensive boilerplate code.

Studio addresses a common pain point: every company needs to move data between SaaS tools, but building and maintaining these integrations is time-consuming and repetitive.

Studio provides built-in connections to popular enterprise tools like Salesforce, all powered by WorkOS Pipes for authentication. But where it gets interesting is the AI-assisted workflow builder.

Need to connect to an app that doesn't have a pre-built integration? Studio can generate custom connections by reading API documentation and creating the necessary operations automatically.

The demo showed a practical use case: syncing event attendees from Luma into Salesforce contacts, complete with campaign tagging—all built through conversational prompts rather than manual API integration work.

Studio handles the auth flows, provides audit logs for compliance, and deploys workflows instantly. It's the kind of tool that transforms a multi-day integration project into a multi-minute conversation with an AI assistant.

Afternoon Panels

Engineering Leadership

The afternoon's first panel brought together Albert Strasheim from Rippling, Allan Leinwand from Webflow, Ashwin Sreenivas from Decagon, and Michael Grinich to discuss how engineering leadership changes when you're building AI-first products.

The conversation touched on hiring, architecture decisions, and organizational structure. There were fewer definitive answers than honest acknowledgments that everyone is still figuring this out.

Developer Experience for AI

Dustin Schau from Postman, Garrett Galow from WorkOS, James Cowling from Convex, and Meagan Gamache from Render discussed how developer tools need to evolve for AI applications.

The panel highlighted that traditional API design patterns don't always work well with LLM-based systems—streaming responses, token limits, rate limiting, and cost management all require rethinking how we build and document APIs.

Fireside Chat with Drew Houston

The day concluded with a fireside chat featuring Drew Houston, CEO and Co-Founder of Dropbox.

Afterparty! Evening at the Emporium

After the formal program wrapped at 5 PM, attendees headed to Emporium Arcade Bar for the official afterparty.

‍

Enterprise AI is Here

Throughout Enterprise Ready Conference, one theme kept surfacing: the gap between building AI that works in demos and building AI that enterprises will deploy isn't a model quality problem. It's an infrastructure problem.

Companies shipping AI products face a paradox. Their core technology moves faster than any software category in history, but the surrounding infrastructure—identity, authorization, audit logs, security controls—needs to be rock-solid before enterprise security teams will approve deployment.

The good news? The foundational infrastructure already exists. WorkOS and AuthKit provide the identity layer that makes AI agents enterprise-ready, with the same authentication, authorization, and compliance features that enterprises already trust.

The companies at Enterprise Ready Conference aren't waiting for standards to emerge—they're shipping AI products to enterprise customers today, built on proven infrastructure.

Want to learn more about making your AI application enterprise-ready? Check out WorkOS for authentication, authorization, and user management built for AI and modern applications.