Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Validation of response_modes_supported member of OAuthMetadata is too strict #1242

New issue
Copy link
New issue
Copy link
Closed
#1243
Closed
Validation of response_modes_supported member of OAuthMetadata is too strict#1242
#1243
Copy link
@joesavage-silabs

Description

@joesavage-silabs
joesavage-silabs
opened on Aug 6, 2025
Issue body actions

Initial Checks

Description

Authentication providers such as Keycloak support an OAuth2 extension called JARM (JWT Secured Authorization Response Mode) which defines new values for the response_modes_supported member of the OAuthMetadata response. See https://openid.net/specs/oauth-v2-jarm.html#name-response-encoding for details.

The pydantic model for OAuthMetadata only allows certain values in the response, which causes the model construction and remainder of the auth flow to fail.

I would propose relaxing the validation such that response_modes_supported is simply a list[str].

Example Code



Python & MCP Python SDK


python 3.13
mcp v1.12.3

Reactions are currently unavailable
Metadata
Metadata
Assignees
No one assigned
    Labels
    No labels
    No labels
    Type
    No type
    Projects
    No projects
    Milestone
    No milestone
    Relationships
    None yet
    Development
    No branches or pull requests
    Issue actions
      
      
      




  
      

      

    
      
  
      

  
      

          



    




  

    

    

    





    
      
    
      
    
      
  


      
  
      
    
    Morty Proxy
    
    This is a proxified and sanitized view of the page, visit original site.