Support MCP Server Authorization #247759

@localden

Model Context Protocol (MCP) has recently released a new iteration of the authorization specification. This enables a discovery flow for protected MCP servers, where they rely on OAuth 2.0 Protected Resource Metadata (RFC9728) documents to provide information about the authorization server(s) (AS) used by the MCP server.

Rough flow

  1. Remote protected MCP server is connected to VS Code (MCP client).
  2. VS Code initiates a connection.
  3. Server responds with an HTTP 401 Unauthorized and a WWW-Authenticate header that contains a resource_metadata field, which encapsulates a pointer to the PRM document.
  4. VS Code reads the PRM document and extracts AS information.
  5. VS Code initiates the discovery process with the AS using conventional /.well-known endpoints.
  6. Depending on the AS, VS Code either performs OAuth 2.0 Dynamic Client Registration (RFC7591) or uses the built-in client ID.
  7. With the information at hand, VS Code initiates the authorization via authorization code flow with PKCE.

Reference items
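
Steps 3 to 5 of the flow above, written as client-side checks; this is an added example, not part of the issue and not VS Code's implementation. The example.com hosts, the sample header and PRM document are constructed, the function names are hypothetical, and the code assumes HTTPS-only URLs and the RFC 8414 well-known path for AS metadata.

```javascript
// Constructed sample values; the example.com hosts are placeholders.
const SAMPLE_SERVER = "https://mcp.example.com/mcp";
const SAMPLE_CHALLENGE =
  'Bearer realm="mcp", resource_metadata="https://mcp.example.com/.well-known/oauth-protected-resource/mcp"';
const SAMPLE_PRM = {
  resource: "https://mcp.example.com/mcp",
  authorization_servers: ["https://auth.example.com/tenant1"],
};

// Reject anything that is not an absolute https URL (new URL throws on malformed input).
function requireHttps(value) {
  const u = new URL(value);
  if (u.protocol !== "https:") throw new Error(`not an https URL: ${value}`);
  return u;
}

// Step 3: read the resource_metadata parameter from a single WWW-Authenticate challenge.
// Handles quoted-string and bare token values; returns null when the parameter is absent.
function parseResourceMetadata(header) {
  const params = {};
  const re = /([A-Za-z0-9_-]+)\s*=\s*(?:"((?:[^"\\]|\\.)*)"|([^\s,]+))/g;
  for (const m of header.matchAll(re)) {
    const value = m[2] !== undefined ? m[2].replace(/\\(.)/g, "$1") : m[3];
    params[m[1].toLowerCase()] = value;
  }
  const pointer = params["resource_metadata"];
  return pointer ? requireHttps(pointer).href : null;
}

// Step 4: accept the PRM document only if it describes the server we actually contacted.
// A PRM whose `resource` names some other server must not steer the client to its AS.
function extractAuthorizationServers(prm, serverUrl) {
  if (prm.resource !== serverUrl) {
    throw new Error("PRM resource does not match the MCP server URL");
  }
  const issuers = Array.isArray(prm.authorization_servers) ? prm.authorization_servers : [];
  if (issuers.length === 0) throw new Error("PRM lists no authorization servers");
  return issuers.map((issuer) => requireHttps(issuer).href);
}

// Step 5: RFC 8414 places the well-known segment between the host and the issuer path.
function asMetadataUrl(issuer) {
  const u = requireHttps(issuer);
  const path = u.pathname === "/" ? "" : u.pathname.replace(/\/$/, "");
  return `${u.origin}/.well-known/oauth-authorization-server${path}`;
}
```

A real header can carry several challenges; this parser treats the header as one challenge and keeps the last value seen for each parameter name.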
