Skip to main content
When clients need to obtain tokens — not just present them — your server participates in the OAuth flow. FastMCP ships two arrangements: a built-in provider and a proxy in front of an upstream identity provider.
This page is under construction. The outline below sketches what it will cover.
  • oauthProvider — serve the OAuth endpoints yourself; client registration, grants, and token issuance.
  • oauthProxy — front an existing identity provider (Auth0, Okta, etc.) while exposing MCP-compliant metadata.
  • Protected resource metadata — what FastMCP advertises so MCP clients can discover how to authenticate.
  • Pairing with client-side auth — the client OAuth strategy that completes the flow.