Page JSON
GAP-L1-P1-mcp-oauth-resource-server json
Inspect the normalized record payload exactly as the atlas UI reads it.
{
  "id": "page:process-gaps-GAP-L1-P1-mcp-oauth-resource-server",
  "_kind": "Page",
  "_file": "wiki/process/gaps/GAP-L1-P1-mcp-oauth-resource-server.md",
  "_cluster": "wiki",
  "attributes": {
    "nodeKind": "Page",
    "title": "GAP-L1-P1-mcp-oauth-resource-server",
    "displayName": "GAP-L1-P1-mcp-oauth-resource-server",
    "slug": "process/gaps/GAP-L1-P1-mcp-oauth-resource-server",
    "articlePath": "wiki/process/gaps/GAP-L1-P1-mcp-oauth-resource-server.md",
    "article": "# GAP-L1-P1-mcp-oauth-resource-server\n\n| Field | Value |\n|---|---|\n| id | gap:mcp-oauth-resource-server |\n| title | MCP OAuth Resource Server classification + RFC 8707 Resource Indicators not modeled |\n| level | 1 |\n| priority | P1 |\n| discoveredAt | 2026-04-28T00:00:00Z |\n| source | https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization |\n| status | closed |\n| owner | tbd |\n\n## Current state\n`Provider.authMethods` enumerates `api-key,oauth,browser-login,service-account,iam,device-code`. `ToolServer` has no auth attribute at all. The 2025-06-18 MCP revision classifies MCP servers as **OAuth Resource Servers** (RFC 6749 §1.4) and requires clients to implement Resource Indicators (RFC 8707) to prevent token-theft attacks. The schema cannot express any of this.\n\n## Desired state\n- Add `ToolServer.authProfile` attribute with shape `{ kind: enum<none,bearer,oauth-resource-server,custom>, protectedResourceMetadataUrl?: url, authorizationServerUrl?: url, requiresResourceIndicators: bool }`.\n- New NodeKind `AuthorizationServer` with `endpoints`, `discoveryUrl`, `signingKeySource`.\n- Edge `ToolServer protected_by AuthorizationServer`.\n- Coverage-checklist `Unified auth envelope across providers` OpenQuestion can be partially resolved by referencing this model.\n\n## Evidence\n- https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization\n- https://modelcontextprotocol.io/specification/2025-06-18/basic/security_best_practices\n- RFC 8707 (Resource Indicators)\n\n## Propagation status\n- Level 1: open\n- Level 2: not-started — `secrets-interface` and `identity-interface` cross-refs need updating\n\n## Propagation chain\n- Level 1: NodeKind, edge, attribute extension.\n- Level 2: links to ExtensionInterface `iface:identity-interface` and `iface:secrets-interface` documentation.\n\n## Notes\nSecurity gap: schema cannot represent the modern MCP auth model that real servers now require.\n\n## Resolution (2026-04-28)\nClosed (capability-level). `capability:mcp-oauth-resource-server` and `capability:mcp-protocol-version-header` capture the 2025-06-18 auth surface. Full `AuthorizationServer` NodeKind + `protected_by` edge remain a future enhancement tracked separately if needed; the capability binding plus `claude-code-mcp-oauth-resource-server` CapabilitySupport entry is sufficient for the catalog query patterns we have today.\n",
    "documents": []
  },
  "outgoingEdges": [],
  "incomingEdges": [
    {
      "from": "page:process-gaps",
      "to": "page:process-gaps-GAP-L1-P1-mcp-oauth-resource-server",
      "kind": "contains_page"
    }
  ]
}