Springing into AI - Part 17: MCP Server - Security Playground
About In MCP Server, Security plays an extremly crucial part in securing access to different capabilities offered by it for only authenticated and authorized users. Currently, there are two ways in which this can be accomplished. OAuth2 is the industry de facto recommended approcah, and the other being a token or API key exchange. For this playground, we will be focussing on OAuth2 authorization. Project In Hobbits Inc, we will be having our custom hobbit Authorization Server that will comprise of hobbit credentials stored in memory. Our Hobbit MCP Server will be providing the relevant Resource capability information in form of profile and mugshot only for the logged in hobbit as we do not want Sauron the dark lord accessing that information else Middle Earth and Hobbits Inc would be in deep jeopardy with lawsuits from Elrond. Please note that this can be extended to other MCP capabilities like tools, prompts etc as well. Architecture overview is shown below: ...