Authorization Security Controls#

Controls for access control, permissions, and authorization in MCP servers.

Controls in this Domain#

  • MCP-AUTHZ-01: OAuth Delegation
  • MCP-AUTHZ-02: Tool Scopes
  • MCP-AUTHZ-03: Least Privilege
  • MCP-AUTHZ-04: Role-Based Access Control (RBAC)
Backward MCP-NET-03 — TLS Enforcement for Remote Connections MCP-AUTHZ-01 — OAuth Token Delegation Forward
Privacy Policy Terms of Use Cookie Policy
MCP Server Security Standard