From obie-skills
Implements MCP server authentication with OAuth Dynamic Client Registration (RFC 7591), PKCE, and per-agent credential support for bearer tokens and API keys.
How this skill is triggered — by the user, by Claude, or both
Slash command
/obie-skills:mcp-oauth-setupThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Implement flexible authentication for MCP (Model Context Protocol) server connections.
Implement flexible authentication for MCP (Model Context Protocol) server connections. For OAuth providers, auto-discover endpoints and dynamically register as a client — the user just provides the MCP server URL and clicks "Connect." For bearer/API key providers, support both admin-shared and per-agent credentials so different agents can authenticate with different accounts.
The OAuth implementation relies on three RFCs:
.well-known/oauth-authorization-serverNot all MCP servers use OAuth. Some (e.g., Render) use bearer tokens with API keys and handle account/workspace selection at the MCP protocol level. The credential system must be auth-type-agnostic.
credential_mode applies to all auth types (bearer, api_key_header, oauth), not
just OAuth. This is a critical design decision — different agents may need their own
credentials for the same MCP server (e.g., different Render accounts, different Linear
workspaces).
credential_mode = "shared" → Admin provides one credential, all agents use it
credential_mode = "per_agent" → Each agent has its own credential
Admin clicks "Connect"
|
v
Discover OAuth metadata (RFC 8414)
| GET /.well-known/oauth-authorization-server
v
Register as OAuth client (RFC 7591)
| POST /oauth/register
v
Redirect to provider consent screen
| GET /oauth/authorize?client_id=...&code_challenge=...
v
Provider redirects back with code
| GET /callback?code=...&state=...
v
Exchange code for tokens
| POST /oauth/token
v
Store tokens, sync tools
Create two tables: one for MCP server configuration (including OAuth metadata and shared tokens), and one for per-agent credentials (works for any auth type).
Refer to references/schema.md for complete migration and model setup.
Key design decisions:
encrypts :oauth_client_id, etc.)credential_mode ("shared" or "per_agent") — applies to ALL auth types, not just OAuthdiscovered_tools as a JSON array for tool name trackingAgentMcpConnection.access_token stores OAuth tokens, bearer tokens, or API keysImplement three model methods on the MCP server record. Refer to references/oauth_flow.md
for complete implementation code.
Discovery (discover_oauth_metadata!):
.well-known/oauth-authorization-server URL from the MCP server's hostauthorization_endpoint, token_endpoint, registration_endpoint, scopes_supportedRegistration (register_oauth_client!):
client_name, redirect_uris, grant_types, response_types, token_endpoint_auth_methodclient_id and client_secretclient_id is already presentCombined (discover_and_register_oauth!):
redirect_uri parameter for the registration payloadCreate an OAuth controller with authorize and callback actions.
Refer to references/oauth_flow.md for the full controller implementation.
Critical pitfalls to avoid:
Turbo Drive cross-origin redirects: Standard redirect_to with an external URL is
silently swallowed by Turbo Drive because it cannot follow cross-origin 302 redirects. The
browser stays on the current page with no feedback. Render an HTML page with
<meta http-equiv="refresh" content="0;url=..."> for the external OAuth redirect instead.
State parameter: Use a signed, expiring message (e.g., Rails message_verifier) containing
the connector ID, PKCE code verifier, optional agent ID, and timestamp. Set 10-minute expiry.
String keys from message verifier: After verifying the state token, the payload uses
string keys not symbol keys. Access with payload["connector_id"], not payload[:connector_id].
PKCE (S256): Generate a random code_verifier, compute code_challenge as URL-safe Base64
of SHA-256 digest with no padding. Send challenge in authorize request, verifier in token exchange.
Error redirects: When agent_id is present in state, redirect errors back to the agent
edit page, not the connectors index. The user initiated from the agent form and should return there.
Auto-sync on first agent connection: For per-agent OAuth, the admin may not have their own account. When the callback stores the first per-agent token, auto-sync tools using that agent's token if tools haven't been discovered yet.
Mount the OAuth authorize as a member action on the connector resource, and the callback as a standalone route (since it doesn't carry a connector ID — that comes from state).
resources :connectors do
member do
get "oauth/authorize", to: "mcp_oauth#authorize", as: :mcp_oauth_authorize
end
end
get "mcp_oauth/callback", to: "mcp_oauth#callback", as: :mcp_oauth_callback
Note on Rails route helper naming: A member route mcp_oauth_authorize on resources :connectors
generates mcp_oauth_authorize_connector_path(connector) — the resource name comes last.
This is a common source of NoMethodError bugs.
Implement token refresh for both shared and per-agent OAuth tokens.
Refer to references/oauth_flow.md for the ensure_token_fresh! pattern.
token_expires_at < 5.minutes.from_now)with_lock for thread-safe updates on shared tokensAfter connection, sync available tools from the MCP server.
Refer to references/tool_sync.md for the complete implementation.
The MCP Streamable HTTP protocol requires a two-step handshake:
initialize JSON-RPC request to get a Mcp-Session-Id headertools/list with the session ID headerCritical details:
Accept: application/json, text/event-stream — some servers return 406 without thisMcp-Session-Id from the initialize response must be included on subsequent requestssync_tools! must accept an agent: parameter for per-agent auth token resolutionRefer to references/ui_patterns.md for form and index view patterns.
Connector form:
credential_mode radio (Shared vs Per-agent) applies to ALL auth types, not just OAuthauth_type AND credential_modeConnectors index:
Agent edit form — three states for per-agent connectors:
Tested and confirmed working with:
https://mcp.linear.app/mcp) - 45 tools, SSE response format, OAuthhttps://mcp.sentry.dev/mcp) - 14 tools, standard JSON responses, OAuthhttps://mcp.granola.ai/mcp) - 4 tools, standard JSON responses, OAuthhttps://mcp.render.com/mcp) - 24 tools, bearer token auth (no OAuth), per-agent API keys| Symptom | Root Cause | Fix |
|---|---|---|
| Page stays on form after create, no redirect | Turbo Drive swallows cross-origin 302 | Use HTML meta refresh instead of redirect_to |
NoMethodError on route helper | Wrong helper name ordering | Member route on :connectors generates mcp_oauth_authorize_connector_path |
payload[:connector_id] returns nil | Message verifier returns string keys | Use payload["connector_id"] |
| 406 from MCP server | Missing Accept header | Add Accept: application/json, text/event-stream |
| 400 "Mcp-Session-Id required" | Skipped initialize handshake | Send initialize first, use returned session ID |
| JSON parse error on tool sync | Server returns SSE format | Detect and parse both text/event-stream and JSON |
| Token exchange fails silently | Missing code_verifier in token request | Include PKCE verifier from signed state |
| OAuth discovery 404 | MCP server doesn't use OAuth | Use bearer or API key auth instead; not all MCP servers support RFC 8414 |
| Per-agent connector shows no tools | Admin can't sync without a token | Tools auto-sync on first agent connection |
| Error redirect goes to wrong page | agent_id not checked in rescue | Redirect to agent edit when agent_id present |
npx claudepluginhub joshuarweaver/cascade-code-general-misc-2 --plugin obie-skillsImplements MCP server authentication using OAuth dynamic client registration (RFC 7591/8414), PKCE, bearer tokens, and API keys for admin UIs. Supports per-agent credentials, metadata discovery, token exchange, and tool sync for providers like Linear, Sentry.
Declares auth scopes, configures JWT/OAuth modes, and enforces multi-tenancy on tools and resources in `@cyanheads/mcp-ts-core` projects.
Enforces authentication for agents connecting to MCP servers via MCP clients using SPIFFE/SPIRE+mTLS or OAuth fallback.