Add directly External JWT Token  Exchange in the MCP server as a third auth option

Hello,

Today the MCP server supports two auth options : 
 
- oauth (recommended)
- PAT

We are using [Open WebUI](https://github.com/open-webui/open-webui) as our on premise AI platform.

Users are authenticated with OIDC to this platform. 

It can connect to external MCP servers and forward them directly the access_token in the bearer header.

As many MCP clients or UI use now OIDC/OAUTH for authentication and authorization, it will save lots of work if the Token Exchange could be directly processed inside the MCP server and not on the client side.

It could be implemented as a third option for authenticating : take the access_token passed in the bearer header and exchange it with a dremio instance token.

what do you think about this ?



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add directly External JWT Token Exchange in the MCP server as a third auth option #81

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Add directly External JWT Token Exchange in the MCP server as a third auth option #81

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions