GEO Jobe got into MCP by doing what we’ve always done: building tools that make ArcGIS more powerful for the people who use it every day. Our development team started by creating MCP servers that allow AI agents to generate and modify Esri’s out-of-the-box solutions, things like ArcGIS Dashboards and ArcGIS Story Maps. The idea is straightforward. Instead of spending hours manually configuring a dashboard or piecing together a Story Map, a user describes what they need and the agent builds it, pulling the right layers, setting up the right layouts, and publishing the finished product. Leadership can generate their own decision-ready products which utilize their real GIS data, all by using natural language without having to task one of their more technically oriented staff to create it for them. That work continues today, and we think it’s one of the most practical applications of agentic AI that GIS professionals and decision makers are going to encounter in the next year.
One question that is getting ignored:
Along the way, I asked our development team a question: how will these tools handle a real organization, where different users have different permissions in ArcGIS based on their licensing? I knew this was going to be an issue, and it seemed like everyone developing GIS MCP tools had skipped right past this in order to get to the “fun stuff” more quickly.
It may seem simple on the surface, but when you follow it through, the complexity becomes clear quickly. If a company wants to deploy MCP-powered tools across their entire organization (covering every analyst, every field technician, every team that touches GIS data), each user’s identity must be respected. ArcGIS permissions define what a person can see, create, edit, and publish. Those restrictions exist because organizations put thought into them. Data governance, licensing compliance, security policies. Any agentic workflow that sidesteps those restrictions cannot be utilized without inadvertently creating more risk than reward.
The underlying problem is that the identity a user has in their chat platform of choice (whether that’s Cursor, OpenWebUI, Microsoft Copilot, a custom interface, or any number of other options) will almost never match that same user’s identity in ArcGIS. They’re separate systems with separate authentication. When an AI agent needs to act on someone’s behalf inside an ArcGIS organization, something has to connect those two worlds in a way that actually respects who that person is and what they’re allowed to do.
The “easy” button: a service account!
Many organizations working through this today have landed on what initially seems like a reasonable workaround: the service account. Create a single ArcGIS account with administrator-level access, give those credentials to the agent, and let it run on behalf of everyone. This is the same pattern often employed for scripts that run in the background, and it hasn’t been an issue there.
The problem is, while this works in a narrow technical sense, the security implications are significant for agentic workflows. In a script, the actions taken by the service account are predictable and deterministic. In an agentic workflow, there is a level of reasoning applied to each request. After all, a user with read-only access to a sensitive feature service shouldn’t be able to trigger edits to that service by making a request to the agent, just because the agent holds admin credentials. Content that should have restricted sharing can get published without the right checks in place. Every permission boundary that an ArcGIS administrator puts in place gets quietly bypassed. And the more users you give access to the tools, the larger that exposure grows. A service account approach might be acceptable in a tightly controlled pilot, but it’s a real problem at the scale of most organizations.
The “correct” button: session-based agentic identity.
When we recognized this pattern, we made a deliberate call. GEO Jobe would not release ArcGIS MCP tools that depended on service accounts or treated all users as a single shared identity. Alongside our continued work on MCP servers for ArcGIS application creation, we took on the harder problem of giving users a way to sign into ArcGIS within their chat session, so that everything the agent does reflects their actual identity, their actual permissions, and their actual role in the organization.
When it works correctly, a user invoking an ArcGIS-connected agent gets the same experience they’d have working in ArcGIS directly. They can do what they’re licensed and permitted to do. Nothing more. The agent operates as an intelligent extension of that specific user rather than a passkey that unlocks the organization’s full administrative access. Making this work reliably across the many different platforms and environments where agents run is a genuinely hard problem. But it’s the only approach that holds up, and the GIS community deserves a solution.
Find out how GEO Jobe’s MCP tools can unlock agentic GIS power in your organization.
For GEO Jobe, getting ArcGIS Identity right is a foundational commitment. Every MCP tool we develop for GIS workflows is built around the principle that the actions need to happen under the right identity, with the right permissions. We’ll be showing our full solutions, including the ArcGIS application creation MCP servers and the session-based identity flow that makes them safe to deploy at scale, at the Esri User Conference in San Diego this July.
If you’re going to be at UC 2026, come find us. We’d love to show you what we’ve built in person. If you can’t make it, reach out and we’ll make sure you’re in the loop. The identity challenge in agentic GIS is something every organization is going to have to work through, and GEO Jobe has created an easy-to-use solution for it that we can’t wait to get in your organization’s hands.
About Our Company
GEO Jobe is a leading GIS software and geospatial solutions provider, serving more than 12,000 organizations globally. The company is most known for developing some of the industry’s most popular applications, including Admin Tools for ArcGIS, Backup My Org, Clean My Org, Manage My Attachments, and Symphony for ArcGIS.
GEO Jobe offers U.S.-based 24/7 Support for organizations using Esri’s ArcGIS© System. GEO Jobe also offers professional services focused on Esri’s ArcGIS System, including custom software development, enterprise solution implementation, data science and UAV data collection.
Founded in 1999, GEO Jobe has been in operation for more than 25 years and an Esri business partner since 2002, and is currently a Platinum Partner.
