fix: update MCP Authentication specification links to the correct authorization path

kentcdodds · kentcdodds · commit db6dbe2b4bf3 · 2025-10-06T22:57:14.000-07:00
Closes MCP Auth Spec link is page not found #4
diff --git a/exercises/03.auth-info/README.mdx b/exercises/03.auth-info/README.mdx
@@ -74,4 +74,4 @@ sequenceDiagram
 - Use introspection to power user-specific features and permissions.
 
 - 📜 [OAuth 2.0 Token Introspection Spec](https://datatracker.ietf.org/doc/html/rfc7662)
-- 📜 [MCP Auth Spec](https://modelcontextprotocol.io/specification/2025-06-18/client/auth)
+- 📜 [MCP Auth Spec](https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization)
diff --git a/exercises/05.scopes/01.problem.check-scopes/README.mdx b/exercises/05.scopes/01.problem.check-scopes/README.mdx
@@ -39,7 +39,7 @@ Once you have the scope validation utilities in place, you'll also need to add a
 
 This approach means users will only see the tools and features they're actually authorized to use, creating a smooth and intuitive experience that matches their permission level.
 
-📜 For more details on OAuth scopes and how they work in MCP servers, see the [OAuth 2.0 Scopes RFC](https://tools.ietf.org/html/rfc6749#section-3.3) and the [MCP Authentication Specification](https://modelcontextprotocol.io/specification/2025-06-18/server/auth).
+📜 For more details on OAuth scopes and how they work in MCP servers, see the [OAuth 2.0 Scopes RFC](https://tools.ietf.org/html/rfc6749#section-3.3) and the [MCP Authentication Specification](https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization).
 
 <callout-danger>
 	At the time of this writing, there is a bug in the Cloudflare `McpAgent` that
diff --git a/exercises/05.scopes/README.mdx b/exercises/05.scopes/README.mdx
@@ -123,4 +123,4 @@ In this exercise, you'll learn how to:
 You'll also explore how to structure your scope validation logic for maintainability and how to provide clear error messages that help both developers and end users understand permission requirements.
 
 - 📜 [OAuth 2.0 Scopes RFC](https://tools.ietf.org/html/rfc6749#section-3.3)
-- 📜 [MCP Authentication Specification](https://modelcontextprotocol.io/specification/2025-06-18/server/auth)
+- 📜 [MCP Authentication Specification](https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization)
diff --git a/exercises/README.mdx b/exercises/README.mdx
@@ -47,7 +47,7 @@ We'll be building a secure version of **EpicMe**, a personal journaling applicat
 
 This workshop uses the
 [OAuth 2.0 standard](https://tools.ietf.org/html/rfc6749) and follows the
-[MCP Authentication specification](https://modelcontextprotocol.io/specification/2025-06-18/server/auth),
+[MCP Authentication specification](https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization),
 ensuring your skills transfer to any OAuth-compatible system.
 
 We'll be using:
