Updated 0115
Lol, turns out there was already a ready-made solution and I was here drawing diagrams from scratch
I’ve been experimenting with building some MCP servers lately. When dealing with multiple users, authorization becomes a concern.
MCP clients (Agents) currently need to complete authorization when connecting to an MCP server, i.e., at initialization time.
I mapped out two MCP OAuth flows for reference in future development.
Case 1: The third-party app natively supports OAuth. This is the simpler case: just authorize directly with the third-party app, and the Agent can call tools normally.
Case 2: The third-party app doesn’t support OAuth. In this case, you need to set up an OAuth Web/App as a proxy layer.
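A minimal sketch of the Case 2 proxy layer, added here as an example and not taken from the original post or from any MCP SDK. It assumes the third-party credential is a per-user API key, that the proxy uses the authorization-code flow with PKCE (S256), and that state lives in memory; `OAuthProxy` and its method names are hypothetical.

```python
import base64, hashlib, secrets, time

def s256(verifier):
    """PKCE S256 transform: base64url(sha256(verifier)) without padding."""
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")

class OAuthProxy:
    """Hypothetical proxy: issues its own tokens, keeps upstream credentials server-side."""

    def __init__(self, code_ttl=60, token_ttl=3600):
        self.upstream_creds = {}  # user_id -> third-party credential (assumed: API key)
        self.codes = {}           # auth code -> (user_id, code_challenge, expiry)
        self.tokens = {}          # access token -> (user_id, expiry)
        self.code_ttl, self.token_ttl = code_ttl, token_ttl

    def authorize(self, user_id, upstream_cred, code_challenge):
        # Runs after the user signs in on the proxy's web page and submits
        # their third-party credential; the Agent only ever receives the code.
        self.upstream_creds[user_id] = upstream_cred
        code = secrets.token_urlsafe(16)
        self.codes[code] = (user_id, code_challenge, time.time() + self.code_ttl)
        return code

    def exchange(self, code, code_verifier):
        # pop() makes the code single-use even when a later check fails.
        entry = self.codes.pop(code, None)
        if entry is None:
            raise PermissionError("unknown or reused authorization code")
        user_id, challenge, expiry = entry
        if time.time() > expiry:
            raise PermissionError("authorization code expired")
        if not secrets.compare_digest(s256(code_verifier), challenge):
            raise PermissionError("PKCE verification failed")
        token = secrets.token_urlsafe(32)
        self.tokens[token] = (user_id, time.time() + self.token_ttl)
        return token

    def call_tool(self, bearer_token, upstream_call):
        # Resolve the proxy token to a user, then call the third-party app
        # with that user's stored credential. upstream_call stands in for
        # the real API request.
        entry = self.tokens.get(bearer_token)
        if entry is None or time.time() > entry[1]:
            raise PermissionError("invalid or expired access token")
        return upstream_call(self.upstream_creds[entry[0]])
```

The Agent holds only the proxy-issued token, so revoking that token cuts off access without rotating the user's third-party credential.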