https://v1-18.docs.dapr.io/developing-ai/mcp/Recent content in MCP on Dapr DocsHugoenhttps://v1-18.docs.dapr.io/developing-ai/mcp/mcp-authentication/Mon, 01 Jan 0001 00:00:00 +0000https://v1-18.docs.dapr.io/developing-ai/mcp/mcp-authentication/<h2 id="overview">Overview</h2> <p>The <a href="https://modelcontextprotocol.io/specification/">MCP specification</a> does not mandate any form of authentication between an MCP client and server. The security model is left to the user to plan and implement. This creates a maintenance burden on developers and opens up MCP servers to various attack surfaces.</p> <p>While MCP servers lack identity, OAuth2 is a well established standard that can be used to properly authenticate MCP clients to MCP servers.</p> <p>OAuth2 becomes essential when MCP servers are:</p>