MCP Auth
Replies: 1 comment 1 reply
-
|
Hi @msabramo , thanks a lot for your detailed feedback and for the kudos! Really appreciate you taking the time to try out MCP Auth. Regarding the invalid_request / “invalid ‘state’ parameter” issue: I’d recommend following this issue for updates: In the meantime, we’ll be updating our own Inspector fork to support this. Will keep you posted on the progress! |
Beta Was this translation helpful? Give feedback.
-
|
Thanks @xiaoyijun for the info! I took the info you provided and used it to create this PR: which works great for me with my corporate Okta instance. Please review and let me know what you think! |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
First, kudos on this project! With the help of the excellent tutorial at https://mcp-auth.dev/docs/tutorials/whoami, I was able to get the JS version of the whoami MCP server using Keycloak. Writing docs for OAuth stuff that can actually be followed to completion is no small feat, so kudos on that!
My company actually uses Okta so that's what I really want to use, but I couldn't get it to work, which is why I went with Keycloak, to at least prove to myself that the library works and that the docs were reasonably easy to follow (which they were!)
When I tried to use this with Okta, I ran into this when click Connect in the MCP Inspector:
That led me to https://support.okta.com/help/s/article/the-authentication-request-has-an-invalid-state-parameter?language=en_US
which to my reading is saying that Okta requires this
stateparameter and I guess either the MCP Inspector or the mcp-auth JS library or the app is not providing it?Is this something that I could add to an app by defining a callback? Or would this require a change in the MCP Inspector or the mcp-auth JS library?
Thanks again!
Beta Was this translation helpful? Give feedback.
All reactions