MCP Auth Explained: Every Method, Direct and Through a Proxy (blog.dwornikowski.com) 1 points by tdi 8d ago ↗ HN
[–] mooreds 8d ago ↗ Enjoying this so far.> The MCP authorization spec is written entirely around user-delegated flows and does not define a machine-to-machine grant at all.is slightly wrong. There's a blessed extension: https://modelcontextprotocol.io/extensions/auth/oauth-client... [–] tdi 7d ago ↗ Thanks for this - I will update the post.
5 comments
[ 2.7 ms ] story [ 18.1 ms ] thread> The MCP authorization spec is written entirely around user-delegated flows and does not define a machine-to-machine grant at all.
is slightly wrong. There's a blessed extension: https://modelcontextprotocol.io/extensions/auth/oauth-client...