This is a tracking issue for implementation of SEP-835.
Summary
This SEP significantly enhances the authorization capabilities of MCP by introducing incremental scope consent via the WWW-Authenticate header mechanism and adds support for OpenID Connect Discovery 1.0. The Python SDK needs to implement progressive authorization flows that request additional scopes as needed during a session, support for WWW-Authenticate challenge-response patterns, and OIDC discovery endpoints to enable more granular permission management while maintaining the principle of least privilege.
Related Issues & PRs
This is a tracking issue for implementation of SEP-835.
Summary
This SEP significantly enhances the authorization capabilities of MCP by introducing incremental scope consent via the WWW-Authenticate header mechanism and adds support for OpenID Connect Discovery 1.0. The Python SDK needs to implement progressive authorization flows that request additional scopes as needed during a session, support for WWW-Authenticate challenge-response patterns, and OIDC discovery endpoints to enable more granular permission management while maintaining the principle of least privilege.
Related Issues & PRs