mcp-context-forge icon indicating copy to clipboard operation
mcp-context-forge copied to clipboard
verified publisher icon IBM

[Epic]: Agent and Tool Authentication and Authorization Plugin and CF extensions

Open imolloy opened this issue 1 month ago • 6 comments

Description

Implement plugins to handle authentication and delegation flows and credential injection. These are between agents and tools and agents and other agents, and are not gateway administrative actions. Ensure compliance with the latest MCP standard around authorization.

Tasks

  • ContextForge
    • [ ] Create JWT claim extraction plugin leveraging the gateway's auth hooks #1439
    • [ ] Extract claims from JWTs from transport router to be passed to plugins via context #1436
    • [ ] Implement authorization server metadata (RFC8414) to identity (and passthrough) the necessary authorization server #1435
    • [ ] Secure secret storage for secrets and keys for registered MCP servers
    • [ ] Create convenience library for oauth flows #1434
  • Plugins
    • [ ] Implement token exchange oauth flow, with least privilege scopes #1434
    • [ ] Inject authorization credentials using http hooks #1437
    • [ ] Human-in-the-loop authorization flows #1438
    • [ ] Enhanced oauth flows and RFC #1438

imolloy avatar Nov 12 '25 05:11 imolloy