You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: _posts/2025-05-21-secure-mcp-client.adoc
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -25,7 +25,7 @@ image::poem_service_architecture.png[Poem Service Architecture,align="center"]
25
25
26
26
As you can see in the diagram above, the user logs in into the Quarkus REST `Poem Service` application endpoint. To support the user request to create a poem, the `Poem Service` uses `AI Gemini` and requests `MCP Client` to complete a tool call to help `AI Gemini` to find out the name of the logged-in user.
27
27
28
-
A very important point is that both `Poem Service` and `MCP Client` are part of the same single Quarkus REST application that only users who logged in with GitHub can access. The users do not login to `MCP Client`, they login to the `Poem Service` application, using the `MCP client` is an implementation detail of how this application completes the user request.
28
+
An essential point is that both `Poem Service` and `MCP Client` are part of the same single Quarkus REST application that only users who logged in with GitHub can access. The users do not login to `MCP Client`, they login to the `Poem Service` application, using the `MCP client` is an implementation detail of how this application completes the user request.
29
29
30
30
Therefore, this demo does not demonstrate an implementation of the https://modelcontextprotocol.io/specification/2025-03-26/basic/authorization[MCP Authorization] flow which is primarily of interest to public MCP clients implemented as Single-page applications (SPA), such as as Anthropic Claude, that will be able to initiate a user login into an imported MCP server.
0 commit comments