Merge remote-tracking branch 'upstream/main' into patch-1

Author: connor4312

docs/clients.mdx

@@ -58,6 +58,7 @@ This page provides an overview of applications that support the Model Context Pr
 | [Tome][Tome]                                | ❌          | ❌        | ✅      | ❓                     | ❌          | ❌    | Supports tools, manages MCP servers.                                        |
 | [TypingMind App][TypingMind App]            | ❌          | ❌        | ✅      | ❓                     | ❌          | ❌    | Supports tools at app-level (appear as plugins) or when assigned to Agents  |
 | [VS Code GitHub Copilot][VS Code]           | ✅          | ✅        | ✅      | ✅                     | ✅          | ✅    | Supports dynamic tool/roots discovery, secure secret configuration, and explicit tool prompting |
+| [WhatsMPC][WhatsMPC]                        | ❌          | ❌        | ✅      | ❌                     | ❌          | ❌    | Supports tools for Remote MCP Servers in WhatsApp                          |
 | [Windsurf Editor][Windsurf]                 | ❌          | ❌        | ✅      | ✅                     | ❌          | ❌    | Supports tools with AI Flow for collaborative development.                  |
 | [Witsy][Witsy]                              | ❌          | ❌        | ✅      | ❓                     | ❌          | ❌    | Supports tools in Witsy.                                                    |
 | [Zed][Zed]                                  | ❌          | ✅        | ❌      | ❌                     | ❌          | ❌    | Prompts appear as slash commands                                            |
@@ -109,6 +110,7 @@ This page provides an overview of applications that support the Model Context Pr
 [VS Code]: https://code.visualstudio.com/
 [Windsurf]: https://codeium.com/windsurf
 [gptme]: https://github.com/gptme/gptme
+[WhatsMPC]: https://wassist.app/mcp/
 [Witsy]: https://github.com/nbonamy/witsy
 [Zed]: https://zed.dev
 [Resources]: https://modelcontextprotocol.io/docs/concepts/resources
@@ -574,6 +576,17 @@ Theia AI and Theia IDE's MCP integration provide users with flexibility, making
 - Tool calls with editable inputs and always-allow toggle
 - Integration with existing VS Code extension system to register MCP servers from extensions
 
+### WhatsMPC
+[WhatsMPC](https://wassist.app/mcp/) is an MCP client for WhatsApp. WhatsMCP lets you interact with your AI stack from the comfort of a WhatsApp chat.
+
+**Key features:**
+- Supports MCP tools
+- SSE transport, full OAuth2 support
+- Chat flow management for WhatsApp messages
+- One click setup for connecting to your MCP servers
+- In chat management of MCP servers
+- Oauth flow natively supported in WhatsApp
+
 ### Windsurf Editor
 [Windsurf Editor](https://codeium.com/windsurf) is an agentic IDE that combines AI assistance with developer workflows. It features an innovative AI Flow system that enables both collaborative and independent AI interactions while maintaining developer control.
 
@@ -592,6 +605,7 @@ Theia AI and Theia IDE's MCP integration provide users with flexibility, making
 - Easy-install from Smithery.ai
 - Open-source, available for macOS, Windows and Linux
 
+
 ### Zed
 [Zed](https://zed.dev/docs/assistant/model-context-protocol) is a high-performance code editor with built-in MCP support, focusing on prompt templates and tool integration.
 

docs/specification/draft/changelog.mdx

@@ -11,7 +11,8 @@ the previous revision, [2025-03-26](/specification/2025-03-26).
    (PR [#416](https://github.com/modelcontextprotocol/specification/pull/416)) 
 2. Added support for [structured tool output](https://modelcontextprotocol.io/specification/draft/server/tools#structured-content)
    (PR [#371](https://github.com/modelcontextprotocol/modelcontextprotocol/pull/371))
-3. TODO
+3. Classified MCP servers as [OAuth Resource Servers](https://modelcontextprotocol.io/specification/draft/basic/authorization#2-3-authorization-server-discovery), adding protected resource metadata to discover the corresponding Authorization server. (PR [#338](https://github.com/modelcontextprotocol/modelcontextprotocol/pull/338))
+4. Clarified [security considerations](https://modelcontextprotocol.io/specification/draft/basic/authorization#3-security-considerations) and best practices in the authorization spec and in a new [security best practices page](https://modelcontextprotocol.io/specification/draft/basic/security_best_practices).
 
 ## Other schema changes