Skip to main content

Protect an application

This section takes one MCP server from unprotected to launched: every tool call requires a valid OAuth token with the right scopes, and admins control access from the dashboard without touching your code. Budget ~15 minutes for a first pass.

Before you start

The path

Each step is one page, one dashboard tab, one decision:

StepPageYou decide
1Register an applicationName, public URL, protected path, scope vocabulary
2Set up the environment and SDKCredentials, env vars, and the mount_mcp wiring
3Run the protection testEight checks that show exactly where your setup stands
4Tool inventoryHow AuthSec learns your tool list (manifest or scan)
5Define scopesThe permission vocabulary
6Map tools to scopesWhich scope gates each tool — deny by default
7Access policy & default roleWho gets which role, and what a new caller receives
8LaunchFlip enforcement on
9Clients and connectionsWho may call: DCR, CIMD, pre-registered
10MonitorWatch drift and runtime after launch

In a hurry? From zero to launched is the same path condensed to one page. Prefer code-first? Protect your MCP server (Python) walks the identical flow from the SDK side.

What you'll have at the end

  • Unauthenticated calls → 401 with a WWW-Authenticate challenge that tells agents where to authenticate
  • Valid token, missing scope → 403 insufficient_scope for that tool
  • Valid token, granted scope → the tool runs — and tools/list is filtered to what the caller may see
  • Policy changes propagate to your running server in ~30 seconds, no redeploy

Then: nothing can call it yet

Launching enforces policy — it doesn't hand out tokens. The next section onboards your callers:

→ Connect agents and services — service accounts (client secret, private-key JWT, Kubernetes/SPIFFE) and AI agents acting on behalf of users (ID-JAG).