AI MCP OAuth2

Release date 2026/04/07

Feature

• Added Token Exchange support to swap JWT tokens before accessing MCP Server.

• Added support for mapping claim to authenticated credential.

• Made the client_id field not required when client_auth is set to something other than client_secret_basic or client_secret_post

• Added upstream_headers field for mapping token claims to upstream headers using path-based access. Mutually exclusive with claim_to_header.

• Added support for passing tokens upstream.

• Added support for multiple token validation methods.

• Added support mapping claims in token to consumer and consumer_groups.

Bugfix

• Fixed an issue where we didn’t clear header for absent claim.

Release date 2026/02/01

Bugfix

• Fixed an issue where we didn’t clear header for absent claim.

Release date 2025/12/18

Bugfix

• Fixed an issue where MCP-like request was not authenticated.

• Fixed an issue where the oidc schema was polluted during merging.

• Fixed an issue where resource without path was not correctly handled.

• Fixed an issue where there was an unexpected required: false in the plugin schema.

• Fixed an issue where x-forwarded-* headers were not respected.

Release date 2026/02/26

Bugfix

• Fixed an issue where we didn’t clear header for absent claim.

Release date 2025/12/10

Bugfix

• Fixed an issue where MCP-like request was not authenticated. Previously, we only authenticated requests that satisfied the MCP spec. As a result, the attacker can bypass this via an MCP-like request. Therefore, now we change to authenticate all the requests.

• Fixed an issue where the oidc schema was polluted during merging.

• Fixed an issue where resource without path was not correctly handled.

• Fixed an issue where x-forwarded-* headers were not respected.

Release date 2025/10/01

Feature

• Introduced the AI MCP OAuth2 plugin, which protects the MCP traffic with OAuth2.

• Dropped the enabled field, as we already have one in plugin table.