Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Appearance settings

Comments

Close side panel

WIP: Authorization spec fast-follow#401

Merged
localden merged 5 commits intomainmodelcontextprotocol/modelcontextprotocol:mainfrom
localden/authmodelcontextprotocol/modelcontextprotocol:localden/authCopy head branch name to clipboard
Apr 24, 2025
Merged

WIP: Authorization spec fast-follow#401
localden merged 5 commits intomainmodelcontextprotocol/modelcontextprotocol:mainfrom
localden/authmodelcontextprotocol/modelcontextprotocol:localden/authCopy head branch name to clipboard

Conversation

@localden
Copy link
Contributor

Following-up on #338 with minor clarifications.

Co-authored-by: David Soria Parra <167242713+dsp-ant@users.noreply.github.com>

MCP servers **MUST** implement OAuth 2.0 Protected Resource Metadata ([RFC9728](https://datatracker.ietf.org/doc/html/rfc9728))
specification to indicate the locations of authorization servers. The Protected Resource Metadata document returned by the MCP server **MUST** include
the `authorization_servers` field containing at least one authorization server.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we recommend that there is only one listed for simplicity sake?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think that makes sense. I will tweak the verbiage.

@localden localden merged commit 99477d6 into main Apr 24, 2025
5 checks passed
@localden localden deleted the localden/auth branch April 24, 2025 22:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants

Morty Proxy This is a proxified and sanitized view of the page, visit original site.