Skills
MCP OAuth 2.1 Resource Server: Protected Resource Metadata Endpoint as the New Security Baseline
The November 2025 MCP specification classifies all MCP servers as OAuth Resource Servers — requiring servers to expose a /.well-known/oauth-protected-resource discovery endpoint listing the resource identifier, trusted authorization servers, supported bearer methods, and available scopes. Every MCP server now needs: (1) the discovery endpoint, (2) JWT validation checking both issuer and audience fields to prevent token mis-redemption attacks, and (3) scope-based middleware (e.g. `mcp:tools:weather:read`). PKCE is mandatory for all clients. Servers that skip audience validation are vulnerable to confused deputy attacks where tokens issued for one MCP server are replayed against another.
↳ Follow the thread