Skip to content

spec(auth, draft): clarify pre-provisioned registration fallback#1506

Closed
monmohan wants to merge 2 commits intomodelcontextprotocol:mainfrom
monmohan:patch-1
Closed

spec(auth, draft): clarify pre-provisioned registration fallback#1506
monmohan wants to merge 2 commits intomodelcontextprotocol:mainfrom
monmohan:patch-1

Conversation

@monmohan
Copy link
Copy Markdown

@monmohan monmohan commented Sep 20, 2025
edited
Loading

Summary
Minor clarifications to the Draft Authorization spec to make pre-registration a first-class fallback when DCR is unavailable or enterprise policy requires it.

Changes

  • In the draft “Authorization” page, replace the “hardcode or present UI” section with:
    • a client MUST to support a pre-provisioned path (via user input or managed configuration), and
    • a server MUST to provide a non-DCR registration path to obtain a client_id (e.g., administrative portal), allowing users/administrators to supply required client metadata (e.g., redirect URIs).
  • Removed the prior security note and all references to credentials to keep this PR narrowly scoped.
  • Formatting-only fix for docs/clients.mdx to satisfy Prettier CI (No content changes).

Motivation and Context
Many enterprises require pre-registered/static clients for change control, scoped blast radius, and incident isolation. This gives a spec-blessed fallback to DCR, that popular clients can implement with minimal work.

How Has This Been Tested?
Doc-only change. No code changes.

Breaking Changes
None. Backward compatible; no protocol flow changes.

Types of changes

  • Bug fix
  • New feature
  • Breaking change
  • Documentation update

Checklist

  • I’ve read the MCP documentation.
  • My change only updates documentation.
  • I’ve verified formatting/markdown renders correctly in preview.

Additional context
This change reflects discussion in the MCP WG Discord (Aug 23–26, 2025) on pre-registration, with input from Paul Carleton (Anthropic) and others. It captures:

  • Agreement that supporting a pre-registration fallback alongside DCR is a pragmatic choice.
  • Concern about client-secret sprawl and rotation/lifecycle risks.
  • Enterprise need for predictable/manual configuration in addition to DCR.

Discord link: https://discord.com/channels/1358869848138059966/1408762963807961138

@monmohan monmohan requested review from a team September 20, 2025 17:15
@monmohan monmohan requested a review from a team as a code owner October 4, 2025 15:47
@monmohan monmohan requested a review from a team October 4, 2025 15:47
@monmohan monmohan closed this Oct 4, 2025
@monmohan monmohan reopened this Oct 4, 2025
@monmohan monmohan requested a review from a team October 4, 2025 17:14
@monmohan monmohan changed the title spec(auth): pre-provisioned registration fallback + minimal security note spec(auth, draft): clarify pre-provisioned registration fallback Oct 4, 2025
@monmohan
Copy link
Copy Markdown
Author

monmohan commented Oct 4, 2025

@D-McAdams Thanks for the Discord feedback. I’ve updated this PR to address it:

  • Removed all mentions of client_secret / credentials and kept this focused on a pre-registered client_id as an alternative to DCR.
  • The change targets the draft authorization spec.

This should clarify the fallback path without overlapping with the client-credentials work. PTAL when you have a moment.

TylerLeonhardt
TylerLeonhardt reviewed Oct 6, 2025
View reviewed changes
docs/specification/draft/basic/authorization.mdx
Comment on lines +209 to +218
### Pre-provisioned registration fallback

MCP **clients MUST** support a pre-provisioned registration path in addition to Dynamic Client Registration (DCR). Clients **MUST** provide either:

1. A user-facing input mechanism for a pre-provisioned `client_id`; or
2. A managed configuration mechanism (e.g., a configuration file).

When a corresponding authorization server does not support DCR—or when enterprise policy requires pre-registration, clients **MUST** allow users or administrators to supply these values.

**Authorization servers** that do not support DCR **MUST** provide a non-DCR mechanism to register a client and obtain the resulting `client_id` (e.g., an administrative portal), allowing **users or administrators** to supply any required **client metadata** (such as redirect URIs) during registration.
Copy link
Copy Markdown
Contributor

@TylerLeonhardt TylerLeonhardt Oct 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This has changed the requirement on clients. Before, clients could only support DCR. Now, you are saying clients MUST support pre-provisioned registration even if they do support DCR.

I think at the very least, this should be changed to a SHOULD. This flow is riddled with problems because it requires users/admins to correctly configure said client metadata...something that users can and will get wrong. This will cause toil both for the users and for the client implementors who will get plenty of issues opened on them that "my client isn't connecting to my MCP server" when really it was the user who misconfigured it.

I understand that this is a stopgap for Auth Servers that don't support DCR, but the UX burden is a lot, and I think this should be heavily considered before we go forcing every client to support this flow.

Copy link
Copy Markdown

@D-McAdams D-McAdams Oct 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi Tyler,
This is mainly a clarification of the existing verbiage in the spec, which already required pre-provisioned registration as a fallback. It appears that VS Code has already implemented this functionality based on the original wording of the spec. microsoft/vscode#252892
Given the nature of this change as clarifying the existing text rather than adding new requirements, and that VS Code has already implemented it, do you still have concerns with it?

Copy link
Copy Markdown
Contributor

@TylerLeonhardt TylerLeonhardt Oct 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think I got mixed up by the original text, good we're clarifying it 😄 seems like it was always expected that there is some mechanism for handling AS that don't support DCR.

Yes, VS Code already supports this flow as a fallback to DCR.

@bc-pi
Copy link
Copy Markdown

bc-pi commented Oct 13, 2025

Wanted to reiterate something I wrote over in the Discord thread in support of this:

Very much agree with the longer-term potential of CIMD in and out of the enterprise context. But pre-registration has been and remains a common pattern (the predominant one even) so I believe acknowledging and accommodating that reality is indeed the pragmatic thing to do.
Also note that pre-reg'd clients don't have to use symmetric secrets - they can be public clients but also can use asymmetric client authentication methods.

@monmohan
Copy link
Copy Markdown
Author

monmohan commented Nov 16, 2025

After reviewing the updated docs/specification/draft/basic/authorization.mdx, I can see that preregistration fallback and prereg support are now covered there (Preregistration section# 5.2).

That effectively captures what I was aiming for with this PR, so I’m going to close this as superseded by SEP-991 / PR #1296

Thanks to everyone who weighed in on the earlier discussion—glad to see preregistration clarified in the spec.

@monmohan monmohan closed this Nov 16, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@D-McAdams D-McAdams D-McAdams approved these changes

+1 more reviewer

@TylerLeonhardt TylerLeonhardt TylerLeonhardt left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@monmohan @bc-pi @TylerLeonhardt @D-McAdams