We need to verify that the MCP (Marketplace Connector Platform) correctly uses the authentication token provided by Lightspeed for all API requests.
This validation should ensure that:

• The MCP retrieves and stores the Lightspeed token securely.

• All outbound requests to Lightspeed services include the valid authentication token in the request headers.

• The token is refreshed or revalidated according to Lightspeed’s authentication requirements.

• Any unauthorized or expired token scenarios are properly handled (e.g., re-authentication or error logging).