-
Story
-
Resolution: Unresolved
-
Undefined
-
None
-
None
-
None
-
False
-
-
False
-
-
As a platform admin, I want to configure authentication credentials for MCP servers that are discovered or registered in the MCP Gateway, so that the gateway can securely communicate with those servers using their required auth methods (e.g., API keys or OAuth).
Considerations:
- Support configuring per-server authentication methods, including:
- Static API Key
- OAuth 2.0 https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization
- Store and associate auth configs securely per MCP server during registration
- wrap outgoing requests with appropriate auth headers or tokens
- Support rotating credentials
- avoid leaking secrets into logs
- possible to test server auth at registration time (e.g., health or ping request) ?
- Admins must be able to audit which credentials are configured for which servers
- Follow least privilege principles and minimize scope of access tokens where applicable
- is depended on by
-
OCPSTRAT-2297 Model Context Protocol (MCP) Gateway
-
- Refinement
-
- is related to
-
CONNLINK-508 Authentication of an MCP endpoint
-
- Closed
-
-
CONNLINK-509 Authorisation of MCP tools access
-
- Closed
-