From ad66be21f56eef9983ed2af53caf2cacd8445f55 Mon Sep 17 00:00:00 2001 From: Michelle Mabuyo Date: Thu, 21 Aug 2025 16:06:29 -0400 Subject: [PATCH] change wording around mcp auth spec --- docs/source/guides/auth.mdx | 4 +--- docs/source/limitations.mdx | 6 +----- 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/docs/source/guides/auth.mdx b/docs/source/guides/auth.mdx index 86a874af..3b84f4be 100644 --- a/docs/source/guides/auth.mdx +++ b/docs/source/guides/auth.mdx @@ -4,9 +4,7 @@ title: Authorization with Apollo MCP Server The Apollo MCP server supports authorizing clients (e.g., LLMs) in accordance with [the MCP specification](https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization). - - The current implementation passes through OAuth tokens from MCP clients directly to upstream GraphQL APIs, which violates the MCP specification. See [Limitations](/apollo-mcp-server/limitations#authorization-token-passthrough) for details and security considerations. - +The current implementation passes through OAuth tokens from MCP clients directly to upstream GraphQL APIs. You can read more about [security considerations](/apollo-mcp-server/limitations#oauth-token-passthrough) when using this feature. ## Implement authorization with Apollo MCP Server diff --git a/docs/source/limitations.mdx b/docs/source/limitations.mdx index b30395d7..4e3b6f59 100644 --- a/docs/source/limitations.mdx +++ b/docs/source/limitations.mdx @@ -14,13 +14,9 @@ This feature is [experimental](/graphos/resources/feature-launch-stages#experime Apollo MCP Server currently passes through OAuth tokens received from MCP clients directly to upstream GraphQL APIs. -This behavior violates the [MCP Authorization specification](https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization), which states: - -> "If the MCP server makes requests to upstream APIs, it may act as an OAuth client to them. The access token used at the upstream API is a separate token, issued by the upstream authorization server. The MCP server MUST NOT pass through the token it received from the MCP client." - #### Rationale -The decision to pass through tokens stems from practical enterprise requirements that conflict with the MCP specification: +The decision to pass through tokens stems from practical enterprise requirements that may conflict with the MCP specification. For example: - **Multi-user scenarios**: Enterprise GraphQL APIs often require direct user identity to perform granular access control and tenant isolation. - **Existing enterprise patterns**: Many organizations have GraphQL APIs that depend on the original Authorization header to identify users and apply existing identity-based access controls.