Skip to content

Elicitation: clarify auth URL language in external OAuth guidance #1812

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
pcarleton merged 1 commit into from
Nov 13, 2025
Merged

Elicitation: clarify auth URL language in external OAuth guidance #1812

pcarleton merged 1 commit into from
Nov 13, 2025
+6 −5

Conversation

@nbarbettini
Copy link
Contributor

@nbarbettini nbarbettini commented Nov 13, 2025

Motivation and Context

Follow-up to #887 to clarify some implementation guidance language.

How Has This Been Tested?

n/a

Breaking Changes

n/a

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation update

Checklist

  • I have read the MCP Documentation
  • My code follows the repository's style guidelines
  • New and existing tests pass locally
  • I have added appropriate error handling
  • I have added or updated documentation as needed

@nbarbettini nbarbettini changed the title Elicitation: clarify language on auth URL in external OAuth guidance Elicitation: clarify auth URL language in external OAuth guidance Nov 13, 2025
nbarbettini
nbarbettini commented Nov 13, 2025
View reviewed changes
docs/specification/draft/client/elicitation.mdx
Comment on lines +635 to +638
4. The user completes the OAuth flow directly with the third-party authorization server
5. The third-party authorization server redirects back to the MCP server
6. The MCP server securely stores the third-party tokens, bound to the user's identity
7. Future MCP requests can leverage these stored tokens for API access to the third-party resource server
Copy link
Contributor Author

@nbarbettini nbarbettini Nov 13, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(4 and below are unchanged)

@nbarbettini nbarbettini marked this pull request as ready for review November 13, 2025 15:21
@nbarbettini nbarbettini requested a review from a team as a code owner November 13, 2025 15:21
pcarleton
pcarleton approved these changes Nov 13, 2025
View reviewed changes
Copy link
Member

@pcarleton pcarleton left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@pcarleton pcarleton merged commit 8e22f64 into modelcontextprotocol:main Nov 13, 2025
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pcarleton pcarleton pcarleton approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@nbarbettini @pcarleton