MCP OAuth
Protect hosted MCP endpoints with protected-resource metadata, dynamic client registration (DCR) or client ID metadata documents (CIMD), PKCE, and audience checks.
Hosted MCP identity
GraphJin serves MCP at `/api/v1/mcp`. When OAuth is enabled, GraphJin can advertise protected-resource metadata (RFC 9728) and authorization-server metadata (RFC 8414), so that clients that implement the MCP OAuth flow can discover the resource identifier and the authorization server from the endpoint itself instead of being configured out of band.
```yaml
mcp:
  oauth:
    enabled: true
    mode: builtin
    scopes: ["mcp"]
```

Verified by TestMCPOAuthProtectedResourceMetadata (serv/mcp_oauth_test.go:17)
Verified by TestMCPOAuthAuthorizationServerMetadataIncludesDCRCIMD (serv/mcp_oauth_test.go:45)

Audience checks
Every bearer token presented to the MCP endpoint must carry the audience (resource indicator) of this MCP server. A token whose audience names a different resource is rejected with an HTTP challenge (a 401 with a WWW-Authenticate header), never silently accepted, so a token minted for another MCP server cannot be replayed here.
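The audience check and challenge described above, as an added example in Go that is not GraphJin's code: a middleware verifies an HS256-signed bearer token with the standard library only (the HMAC key is constructed for the demo; a hosted deployment would verify against the issuer's JWKS), requires the aud claim, whether a string or an array, to contain the MCP resource, and answers any failure with a 401 whose WWW-Authenticate header carries an RFC 6750 error code plus the resource_metadata pointer. The resource URL, metadata URL, key and function names are assumptions.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"slices"
	"strings"
	"time"
)

const mcpResource = "https://graphjin.example.com/api/v1/mcp"                                    // assumed; mirrors the audience on this page
const resourceMetadataURL = "https://graphjin.example.com/.well-known/oauth-protected-resource" // RFC 9728 document the challenge points at

type jwtClaims struct {
	Aud json.RawMessage `json:"aud"` // kept raw: real tokens carry aud as a string or an array
	Exp int64           `json:"exp"`
}

func (c jwtClaims) audiences() (out []string) {
	var one string
	if json.Unmarshal(c.Aud, &one) == nil {
		return []string{one}
	}
	_ = json.Unmarshal(c.Aud, &out)
	return out
}

// mintHS256 builds a compact JWS for the demo and tests (constructed data, not a real issuer's token).
func mintHS256(key []byte, aud any, exp time.Time) string {
	enc := base64.RawURLEncoding
	body, _ := json.Marshal(map[string]any{"aud": aud, "exp": exp.Unix()})
	input := enc.EncodeToString([]byte(`{"alg":"HS256"}`)) + "." + enc.EncodeToString(body)
	mac := hmac.New(sha256.New, key)
	mac.Write([]byte(input))
	return input + "." + enc.EncodeToString(mac.Sum(nil))
}

// verifyHS256 checks the signature before any claim is trusted (a hosted deployment would use the issuer's JWKS).
func verifyHS256(token string, key []byte) (c jwtClaims, ok bool) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return c, false
	}
	mac := hmac.New(sha256.New, key)
	mac.Write([]byte(parts[0] + "." + parts[1]))
	sig, err := base64.RawURLEncoding.DecodeString(parts[2])
	if err != nil || !hmac.Equal(sig, mac.Sum(nil)) {
		return c, false
	}
	payload, err := base64.RawURLEncoding.DecodeString(parts[1])
	return c, err == nil && json.Unmarshal(payload, &c) == nil
}

// checkToken returns "" when the token is valid for mcpResource, otherwise the RFC 6750 error
// code for the challenge. A wrong audience is invalid_token, exactly like a bad signature or expiry.
func checkToken(token string, key []byte, now time.Time) string {
	if token == "" {
		return "invalid_request"
	}
	c, ok := verifyHS256(token, key)
	if !ok || now.Unix() >= c.Exp || !slices.Contains(c.audiences(), mcpResource) {
		return "invalid_token"
	}
	return ""
}

// mcpAuthHandler answers every failure with a 401 whose WWW-Authenticate names the resource
// metadata, so a client that asked for the wrong resource can rediscover the right one.
func mcpAuthHandler(key []byte, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		token := strings.TrimPrefix(r.Header.Get("Authorization"), "Bearer ")
		if code := checkToken(token, key, time.Now()); code != "" {
			w.Header().Set("WWW-Authenticate",
				fmt.Sprintf(`Bearer error=%q, resource_metadata=%q`, code, resourceMetadataURL))
			w.WriteHeader(http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// probe sends one in-memory request carrying token and returns the status and challenge header.
func probe(key []byte, token string) (int, string) {
	h := mcpAuthHandler(key, http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.Write([]byte("ok")) }))
	req := httptest.NewRequest(http.MethodPost, mcpResource, nil)
	req.Header.Set("Authorization", "Bearer "+token)
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code, rec.Header().Get("WWW-Authenticate")
}

func main() {
	key := []byte("demo-hmac-key") // constructed for the demo
	fmt.Println(probe(key, mintHS256(key, "https://other.example.com/api/v1/mcp", time.Now().Add(time.Hour))))
}
```

The handler treats a wrong audience, a forged signature and an expired token identically: all three produce the same 401 and the same challenge, so a caller learns nothing about which check failed beyond the RFC 6750 code, but always learns where the correct resource metadata lives.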
Verified by TestNewMCPAuthHandlerRejectsWrongAudienceWithChallenge (serv/mcp_oauth_test.go:106)

Client expectations
Hosted MCP clients fetch the protected resource metadata before starting authorization and follow it to the authorization server it names. A working setup should expose:

| Surface | Purpose |
|---|---|
| Protected resource metadata | Tells the client which MCP resource it is requesting access to and which authorization server(s) protect it. |
| Authorization server metadata | Publishes the issuer, token endpoint, PKCE support (code_challenge_methods_supported), and DCR/CIMD support. |
| Audience/resource validation | Prevents a token minted for one MCP server from being replayed against another. |
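The discovery sequence in the table, as an added example in Go that is not GraphJin's code: an in-memory handler publishes constructed protected-resource and authorization-server metadata (only the well-known paths come from RFC 9728 and RFC 8414; every value is an assumption, not GraphJin's real output), and a client walks it, checks that the issuer matches the server it fetched from, refuses an authorization server that does not advertise S256 PKCE, and builds the authorization request with a PKCE challenge and an RFC 8707 resource parameter. The client ID, redirect URI, endpoint paths and function names are assumptions.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
	"slices"
	"strings"
)

// Wire shapes from RFC 9728 and RFC 8414, reduced to the fields this flow consults.
type resourceMetadata struct {
	Resource             string   `json:"resource"`
	AuthorizationServers []string `json:"authorization_servers"`
	ScopesSupported      []string `json:"scopes_supported"`
}

type serverMetadata struct {
	Issuer                        string   `json:"issuer"`
	AuthorizationEndpoint         string   `json:"authorization_endpoint"`
	RegistrationEndpoint          string   `json:"registration_endpoint"` // presence signals DCR (RFC 7591)
	CodeChallengeMethodsSupported []string `json:"code_challenge_methods_supported"`
}

// demoMetadata serves constructed metadata for an MCP server at base+"/api/v1/mcp". The
// well-known paths are the RFC ones; the values are assumptions, not GraphJin's real output.
func demoMetadata(base string, pkceMethods []string) http.Handler {
	rm := resourceMetadata{Resource: base + "/api/v1/mcp", AuthorizationServers: []string{base}, ScopesSupported: []string{"mcp"}}
	sm := serverMetadata{Issuer: base, AuthorizationEndpoint: base + "/oauth/authorize",
		RegistrationEndpoint: base + "/oauth/register", CodeChallengeMethodsSupported: pkceMethods}
	docs := map[string]any{"/.well-known/oauth-protected-resource": rm, "/.well-known/oauth-authorization-server": sm}
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if doc, ok := docs[r.URL.Path]; ok {
			json.NewEncoder(w).Encode(doc)
			return
		}
		http.NotFound(w, r)
	})
}

// getJSON does an in-memory GET against h so the flow runs offline; a real client uses http.Get over TLS.
func getJSON(h http.Handler, u string, v any) error {
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, httptest.NewRequest(http.MethodGet, u, nil))
	if rec.Code != http.StatusOK {
		return fmt.Errorf("GET %s: %d", u, rec.Code)
	}
	return json.NewDecoder(rec.Body).Decode(v)
}

// pkcePair returns a code_verifier and its S256 code_challenge (RFC 7636).
func pkcePair() (verifier, challenge string, err error) {
	raw := make([]byte, 32)
	if _, err = rand.Read(raw); err != nil {
		return "", "", err
	}
	verifier = base64.RawURLEncoding.EncodeToString(raw)
	sum := sha256.Sum256([]byte(verifier))
	return verifier, base64.RawURLEncoding.EncodeToString(sum[:]), nil
}

// discover runs the client side: resource metadata, the advertised authorization server's metadata,
// a refusal unless S256 PKCE is offered, then an authorization request whose RFC 8707 resource
// parameter asks for a token bound to this MCP server (the binding the audience check enforces).
func discover(h http.Handler, mcpBase, clientID, redirectURI string) (authzURL, verifier string, err error) {
	var rm resourceMetadata
	if err = getJSON(h, mcpBase+"/.well-known/oauth-protected-resource", &rm); err != nil {
		return "", "", err
	}
	if rm.Resource == "" || len(rm.AuthorizationServers) == 0 {
		return "", "", fmt.Errorf("resource metadata names no resource or authorization server")
	}
	as := rm.AuthorizationServers[0]
	var sm serverMetadata
	if err = getJSON(h, as+"/.well-known/oauth-authorization-server", &sm); err != nil {
		return "", "", err
	}
	if sm.Issuer != as { // RFC 8414: issuer must equal the URL the document was fetched for
		return "", "", fmt.Errorf("issuer %q does not match authorization server %q", sm.Issuer, as)
	}
	if !slices.Contains(sm.CodeChallengeMethodsSupported, "S256") {
		return "", "", fmt.Errorf("authorization server %q does not advertise PKCE S256", as)
	}
	verifier, challenge, err := pkcePair()
	if err != nil {
		return "", "", err
	}
	q := url.Values{
		"response_type": {"code"}, "client_id": {clientID}, "redirect_uri": {redirectURI},
		"scope": {strings.Join(rm.ScopesSupported, " ")}, "resource": {rm.Resource},
		"code_challenge": {challenge}, "code_challenge_method": {"S256"},
	}
	return sm.AuthorizationEndpoint + "?" + q.Encode(), verifier, nil
}

func main() {
	const base = "https://graphjin.example.com" // assumed hosted GraphJin origin
	fmt.Println(discover(demoMetadata(base, []string{"S256"}), base, "demo-client", "http://127.0.0.1:8765/callback"))
}
```

The returned code_verifier is what the client later sends to the token endpoint; the resource value in the authorization request is the same string the server expects to find in the token's audience, which is why the two sides must agree on the exact MCP URL.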
```yaml
mcp:
  oauth:
    enabled: true
    mode: builtin
    issuer: https://graphjin.example.com
    audience: https://graphjin.example.com/api/v1/mcp
```

Review a hosted MCP deployment with the same care as the GraphQL endpoint: TLS on the issuer and resource URLs, the resource audience, allowed origins, token lifetime, and whether raw GraphQL or mutation tools are advertised to the current caller.
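A startup validator for that checklist, as an added example and not GraphJin's own configuration validation: the field names, the one-hour lifetime ceiling, and the exemption of loopback hosts from the https requirement (for local development) are all assumptions. A weak configuration constructed to trip every check sits beside a hardened one that passes.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
	"time"
)

// MCPOAuthConfig mirrors the keys shown on this page plus the two knobs the review
// paragraph names. Field names are assumptions for the example, not GraphJin's schema.
type MCPOAuthConfig struct {
	Enabled        bool
	Mode           string
	Issuer         string
	Audience       string
	Scopes         []string
	AllowedOrigins []string
	TokenLifetime  time.Duration
}

const mcpPath = "/api/v1/mcp"
const maxTokenLifetime = time.Hour // assumed ceiling for this example

func isLoopback(host string) bool {
	return host == "localhost" || host == "127.0.0.1" || host == "::1"
}

// Validate collects every problem instead of stopping at the first, so a bad
// deployment fails at startup with the full list.
func (c MCPOAuthConfig) Validate() []string {
	if !c.Enabled {
		return nil
	}
	var problems []string
	iss, err := url.Parse(c.Issuer)
	switch {
	case err != nil || !iss.IsAbs() || iss.Host == "":
		problems = append(problems, "issuer must be an absolute URL")
	case iss.Scheme != "https" && !isLoopback(iss.Hostname()):
		problems = append(problems, "issuer must use https (bearer tokens travel in the clear otherwise)")
	case iss.RawQuery != "" || iss.Fragment != "":
		problems = append(problems, "issuer must not carry a query or fragment (RFC 8414)")
	}
	aud, err := url.Parse(c.Audience)
	switch {
	case err != nil || !aud.IsAbs() || aud.Host == "":
		problems = append(problems, "audience must be an absolute URL identifying the MCP resource")
	case aud.Fragment != "":
		problems = append(problems, "audience must not contain a fragment (RFC 8707)")
	case !strings.HasSuffix(aud.Path, mcpPath):
		problems = append(problems, "audience must name the hosted MCP endpoint "+mcpPath)
	case aud.Scheme != "https" && !isLoopback(aud.Hostname()):
		problems = append(problems, "audience must use https")
	}
	if len(c.Scopes) == 0 {
		problems = append(problems, "at least one scope must be configured")
	}
	for _, o := range c.AllowedOrigins {
		u, err := url.Parse(o)
		if o == "*" || err != nil || !u.IsAbs() || u.Host == "" || u.Path != "" {
			problems = append(problems, fmt.Sprintf("allowed origin %q must be an explicit scheme://host[:port], never a wildcard", o))
		}
	}
	if c.TokenLifetime <= 0 || c.TokenLifetime > maxTokenLifetime {
		problems = append(problems, fmt.Sprintf("token lifetime must be within (0, %s]", maxTokenLifetime))
	}
	return problems
}

// weakConfig and hardenedConfig are constructed for the demo.
var weakConfig = MCPOAuthConfig{
	Enabled: true, Mode: "builtin",
	Issuer:         "http://graphjin.example.com",  // plain http
	Audience:       "https://graphjin.example.com/", // the origin, not the MCP resource
	AllowedOrigins: []string{"*"},
	TokenLifetime:  30 * 24 * time.Hour,
}

var hardenedConfig = MCPOAuthConfig{
	Enabled: true, Mode: "builtin",
	Issuer:         "https://graphjin.example.com",
	Audience:       "https://graphjin.example.com/api/v1/mcp",
	Scopes:         []string{"mcp"},
	AllowedOrigins: []string{"https://app.example.com"},
	TokenLifetime:  time.Hour,
}

func main() {
	for _, p := range weakConfig.Validate() {
		fmt.Println("weak:", p)
	}
	fmt.Println("hardened problems:", len(hardenedConfig.Validate()))
}
```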
Verified by TestValidateMCPOAuthConfig (serv/mcp_oauth_test.go:239)