Skip to content

v0.2.4 — MCP OAuth/OIDC discovery for third-party clients

Choose a tag to compare

@keysersoft keysersoft released this 30 Jun 09:31

Fixed

  • MCP OAuth/OIDC discovery for third-party clients. Serve /.well-known/openid-configuration and the per-server oauth-authorization-server / oauth-protected-resource metadata (RFC 8414/9728). Clients that append the resource path during discovery — e.g. Microsoft Copilot Studio — can now complete the OAuth flow and connect. The 401 WWW-Authenticate header now points resource_metadata at the per-server document. Additive only; existing clients (Dynamic Client Registration, e.g. Claude) are unaffected.