Skip to content

Add OAuth PKCE login for HTTP MCP servers#4

Open
kuzaxak wants to merge 1 commit into
mcp2cli:mainfrom
kuzaxak:feat/logdeck-oauth-login
Open

Add OAuth PKCE login for HTTP MCP servers#4
kuzaxak wants to merge 1 commit into
mcp2cli:mainfrom
kuzaxak:feat/logdeck-oauth-login

Conversation

@kuzaxak

@kuzaxak kuzaxak commented Jul 9, 2026

Copy link
Copy Markdown

MCP servers such as LogDeck advertise OAuth metadata and expect clients to obtain their own bearer token instead of pasting one manually. The CLI only had a token-capture path, so a fresh configured HTTP server could not complete the standard authorization-code flow from auth login.

Add protected-resource discovery, dynamic client registration, loopback callback handling, PKCE S256, resource-bound token exchange, and storage through the existing token store. Keep the explicit bearer-token paths intact for CI and servers that issue tokens out of band.

Update the auth docs and protocol coverage so users can distinguish browser OAuth from direct bearer-token login, and document the remaining refresh/client-metadata gaps separately.

MCP servers such as LogDeck advertise OAuth metadata and expect clients to obtain their own bearer token instead of pasting one manually. The CLI only had a token-capture path, so a fresh configured HTTP server could not complete the standard authorization-code flow from auth login.

Add protected-resource discovery, dynamic client registration, loopback callback handling, PKCE S256, resource-bound token exchange, and storage through the existing token store. Keep the explicit bearer-token paths intact for CI and servers that issue tokens out of band.

Update the auth docs and protocol coverage so users can distinguish browser OAuth from direct bearer-token login, and document the remaining refresh/client-metadata gaps separately.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant