Auth: Support manually setting a client ID and client secret #683
Description
Is your feature request related to a problem? Please describe.
Not all OAuth providers support dynamic client registration.
And the MCP specification accounts for this:
Any authorization servers that do not support Dynamic Client Registration need to provide alternative ways to obtain a client ID (and, if applicable, client credentials). For one of these authorization servers, MCP clients will have to either:
- Hardcode a client ID (and, if applicable, client credentials) specifically for the MCP client to use when interacting with that authorization server, or
- Present a UI to users that allows them to enter these details, after registering an OAuth client themselves (e.g., through a configuration interface hosted by the server).
Describe the solution you'd like
In the guided oauth flow, there should be an option to enter a client ID and a client secret instead of always assuming dynamic client registration.
Related
- Add support for initial access tokens in OAuth 2.0 Dynamic Client Registration #575 - +1 to also supporting initial access tokens for DCR, but the inspector should also support existing clients by entering a client ID / secret