Goal

Validate secure credential configuration, token handling, persistence, and error management for MCP servers in Lightspeed UI.

Scope

Test credential modal behavior, token masking, save/update/delete actions, backend validation, persistence across sessions, and secure error handling.

Acceptance Criteria

• Users can open a configuration modal for MCP servers requiring authentication.

• Token input fields are masked and stored tokens are never displayed in plain text.

• Users can save, overwrite, and clear credentials.

• UI reflects accurate credential status (Connected / Token Required / Error).

• Invalid or missing credentials display clear, actionable error messages.

• Credential state persists after refresh and re-login.

• Loading state is shown while fetching credential status.

• Save/update/delete failures are handled gracefully without breaking the UI.

• Sensitive information is never exposed in UI, logs, or error messages.

Out of Scope

• MCP server selection/toggling logic (covered separately)