context_server: Mirror authorization server grant_types_supported#53501
Merged
Conversation
c536183 to
121cac8
Compare
30c9342 to
413b588
Compare
413b588 to
31e0d22
Compare
In MCP OAuth, mirror the authorization server's grant_types_supported in the DCR registration body instead of hardcoding just authorization_code. Logfire's auth server requires both authorization_code and refresh_token in grant_types, and we already uses refresh tokens, so the only issue was not advertising the capability during registration. The DCR body now intersects our supported grant types with what the server advertises, or sends all of ours when the server metadata omits grant_types_supported. Without this change, the Pydantic Logfire MCP auth server refuses our client registration.
31e0d22 to
8e1463b
Compare
bennetbo
approved these changes
May 18, 2026
TomPlanche
pushed a commit
to TomPlanche/zed
that referenced
this pull request
May 20, 2026
…d-industries#53501) In MCP OAuth, mirror the authorization server's grant_types_supported in the DCR registration body instead of hardcoding just authorization_code. Logfire's auth server requires both authorization_code and refresh_token in grant_types, and we already uses refresh tokens, so the only issue was not advertising the capability during registration. The DCR body now intersects our supported grant types with what the server advertises, or sends all of ours when the server metadata omits grant_types_supported. Without this change, the Pydantic Logfire MCP auth server refuses our client registration. Release Notes: - MCP: Improve selection of the `grant_types` we send during OAuth dynamic client registration.
This was referenced May 27, 2026
TomPlanche
pushed a commit
to TomPlanche/zed
that referenced
this pull request
Jun 2, 2026
…d-industries#53501) In MCP OAuth, mirror the authorization server's grant_types_supported in the DCR registration body instead of hardcoding just authorization_code. Logfire's auth server requires both authorization_code and refresh_token in grant_types, and we already uses refresh tokens, so the only issue was not advertising the capability during registration. The DCR body now intersects our supported grant types with what the server advertises, or sends all of ours when the server metadata omits grant_types_supported. Without this change, the Pydantic Logfire MCP auth server refuses our client registration. Release Notes: - MCP: Improve selection of the `grant_types` we send during OAuth dynamic client registration.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
In MCP OAuth, mirror the authorization server's grant_types_supported in the DCR registration body instead of hardcoding just authorization_code. Logfire's auth server requires both authorization_code and refresh_token in grant_types, and we already uses refresh tokens, so the only issue was not advertising the capability during registration. The DCR body now intersects our supported grant types with what the server advertises, or sends all of ours when the server metadata omits grant_types_supported.
Without this change, the Pydantic Logfire MCP auth server refuses our client registration.
Release Notes:
grant_typeswe send during OAuth dynamic client registration.