opencode icon indicating copy to clipboard operation
opencode copied to clipboard
Published 7 hours ago verified publisher icon anomalyco

OAuth: client_credentials configuration results in authorization_code flow

Open thaoula opened this issue 1 week ago • 1 comments

Description

Hi Team,

According to you docs we should be able to connect MCP's using pre-registered clients - https://opencode.ai/docs/mcp-servers/#pre-registered

I have applied the following configuration

"saas-context": {
      "type": "remote",
      "url": "https://sass/mcp/context",
      "enabled": true,
      "oauth": {
        "clientId": "CLIENT_ID",
        "clientSecret": "CLIENT_SECRET",
        "scope": "jobs:read"
      }
    }

The requests appear to be going here -

Path Excluded: /public/public-api/mcp/context
Path Excluded: /.well-known/oauth-protected-resource/api/mcp/context
Path Excluded: /.well-known/oauth-protected-resource
Path Excluded: /.well-known/oauth-authorization-server/api/mcp/context
Path Excluded: /.well-known/oauth-authorization-server
Path Excluded: /oauth2/authorize

This opens a browser to do a authorization_code flow but it should do client_credential flow because clientId and clientSecret is provided.

Regards, Tarek

Plugins

No response

OpenCode version

1.1.6

Steps to reproduce

No response

Screenshot and/or share link

No response

Operating System

macOS 26

Terminal

vscode

thaoula avatar Jan 08 '26 09:01 thaoula