MCP OAuth 2.1 New Authorization Specification Published — RFC 8707 Resource Indicators for Secure Agent Auth
The Model Context Protocol (MCP) has published its new authorization specification, and it’s a meaningful upgrade for anyone building or securing AI agent systems. The spec mandates OAuth 2.1 as the foundational auth framework, with RFC 8707 Resource Indicators providing the mechanism for strict, per-resource access controls. If you’re running MCP servers in production — or building agents that communicate with them — this guide walks through what changed, why it matters, and what you need to implement. ...