docs: clarify that setting OAUTH_ISSUER enables OAuth #188
Conversation
|
Thanks for the contribution! Before we can merge this, we need @AryanBagade to sign the Salesforce Inc. Contributor License Agreement. |
There was a problem hiding this comment.
Pull request overview
This PR clarifies how to enable OAuth in the MCP server by making it explicit that setting the OAUTH_ISSUER environment variable is the key action required. The changes address user confusion reported in issue #185.
Key Changes:
- Added a new "How to Enable OAuth" section that explicitly states setting
OAUTH_ISSUERenables OAuth - Enhanced the
OAUTH_ISSUERvariable description with bold text and clearer examples - Listed the automatic defaults that apply when OAuth is enabled (TRANSPORT=http, AUTH=oauth)
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
docs/docs/configuration/mcp-config/oauth.md |
Added new section explaining how to enable OAuth, updated variable descriptions with clearer examples and automatic defaults |
docs/docs/configuration/mcp-config/authentication/oauth.md |
Added explicit statement that OAuth is enabled by setting OAUTH_ISSUER, updated cross-reference text for clarity |
Review Summary: The documentation changes are clear, well-structured, and free from issues. The PR successfully addresses the confusion about how to enable OAuth by explicitly stating that setting OAUTH_ISSUER is the enabling action. No issues were identified during the review.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
I have signed CLA! |
|
Close and reopen to poke the CLA bot |
| When `AUTH` is `oauth`, the MCP server will use a Tableau session initiated by the Tableau OAuth | ||
| flow to authenticate to the Tableau REST APIs. | ||
|
|
||
| OAuth is enabled by setting the `OAUTH_ISSUER` environment variable to the URL of your MCP server. |
There was a problem hiding this comment.
This isn't quite right. It should say the origin of the MCP server.
For example, the MCP server URL will always have the /tableau-mcp path e.g. https://tableaumcp.foo.com/tableau-mcp.
The OAUTH_ISSUER would just be the origin i.e. https://tableaumcp.foo.com/
| server. For more information, please see the | ||
| ## How to Enable OAuth | ||
|
|
||
| To enable OAuth, set the [`OAUTH_ISSUER`](#oauth_issuer) environment variable to the URL of your MCP server. When a URL for `OAUTH_ISSUER` is provided, the MCP server will act as an OAuth 2.1 resource server, capable of accepting and responding to protected resource requests using encrypted access tokens. |
There was a problem hiding this comment.
Same comment as above.
| ### `OAUTH_ISSUER` | ||
|
|
||
| The issuer of the OAuth server. This should be the host of the MCP server. | ||
| **Setting this environment variable enables OAuth.** This should be the URL of your MCP server (the issuer of access tokens). |
|
Thanks so much for doing this @AryanBagade . I left a few comments. You can also ignore the failing E2E tests in the checks. That is a known issue #172 |
3 participants
IMPORTANT: Please do not create a Pull Request without creating an issue first.
Any change needs to be discussed before proceeding. Failure to do so may result in the rejection of
the pull request.
Pull Request Template
Description
This PR clarifies that setting the
OAUTH_ISSUERenvironment variable is what enables OAuth in the MCP server.Changes made:
OAUTH_ISSUERvariable description with bold text stating it enables OAuthMotivation and Context
Users were confused because the documentation said "When OAuth is enabled..." but never explicitly explained HOW to enable it. This was reported in issue #185.
Type of Change
How Has This Been Tested?
cd docs && npm run build)npm test)npm run lint)npm run build)Related Issues
Fixes #185
Checklist
npm run version. For example,use
npm run version:patchfor a patch version bump.Contributor Agreement
By submitting this pull request, I confirm that:
its Contribution Checklist.