Skip to content

Commit 154a8c0

Browse files
LasimLasim
committed
feat(all): add skip_oauth_flow flag for MCP catalog servers
Allow global admins to bypass the OAuth authorization flow for HTTP/SSE MCP servers that accept static Bearer tokens. When enabled, teams provide their Personal Access Token directly via headers instead of going through the OAuth redirect. Backend: new skip_oauth_flow column on mcpServers table, accepted in create/update routes, skips OAuth detection in installation service. Frontend: toggle in catalog add/edit wizard, shown in review step, server detail views, and installation wizard.
1 parent 7caca3d commit 154a8c0

File tree

27 files changed

+6803
-15
lines changed

27 files changed

+6803
-15
lines changed

services/backend/api-spec.json

Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -20085,6 +20085,10 @@
2008520085
"type": "boolean",
2008620086
"description": "Whether server requires OAuth"
2008720087
},
20088+
"skip_oauth_flow": {
20089+
"type": "boolean",
20090+
"description": "Skip OAuth flow (use headers/PAT instead)"
20091+
},
2008820092
"github_stars": {
2008920093
"type": "number",
2009020094
"nullable": true,
@@ -20152,6 +20156,7 @@
2015220156
"status",
2015320157
"featured",
2015420158
"requires_oauth",
20159+
"skip_oauth_flow",
2015520160
"source",
2015620161
"created_at",
2015720162
"updated_at"
@@ -20522,6 +20527,10 @@
2052220527
"type": "boolean",
2052320528
"description": "Whether this server requires OAuth authentication"
2052420529
},
20530+
"skip_oauth_flow": {
20531+
"type": "boolean",
20532+
"description": "Skip the OAuth authorization flow even if OAuth is detected"
20533+
},
2052520534
"source": {
2052620535
"type": "string",
2052720536
"enum": [
@@ -20571,6 +20580,7 @@
2057120580
"featured",
2057220581
"auto_install_new_default_team",
2057320582
"requires_oauth",
20583+
"skip_oauth_flow",
2057420584
"created_at",
2057520585
"updated_at"
2057620586
]
@@ -21096,6 +21106,10 @@
2109621106
"type": "boolean",
2109721107
"description": "Whether server requires OAuth"
2109821108
},
21109+
"skip_oauth_flow": {
21110+
"type": "boolean",
21111+
"description": "Skip OAuth flow (use headers/PAT instead)"
21112+
},
2109921113
"github_stars": {
2110021114
"type": "number",
2110121115
"nullable": true,
@@ -21163,6 +21177,7 @@
2116321177
"status",
2116421178
"featured",
2116521179
"requires_oauth",
21180+
"skip_oauth_flow",
2116621181
"source",
2116721182
"created_at",
2116821183
"updated_at"
@@ -22460,6 +22475,10 @@
2246022475
"requires_oauth": {
2246122476
"type": "boolean",
2246222477
"description": "Whether this server requires OAuth authentication"
22478+
},
22479+
"skip_oauth_flow": {
22480+
"type": "boolean",
22481+
"description": "Skip the OAuth authorization flow even if OAuth is detected (use headers/PAT instead)"
2246322482
}
2246422483
},
2246522484
"required": [
@@ -22711,6 +22730,10 @@
2271122730
"type": "boolean",
2271222731
"description": "Whether this server requires OAuth authentication"
2271322732
},
22733+
"skip_oauth_flow": {
22734+
"type": "boolean",
22735+
"description": "Skip the OAuth authorization flow even if OAuth is detected"
22736+
},
2271422737
"source": {
2271522738
"type": "string",
2271622739
"enum": [
@@ -22760,6 +22783,7 @@
2276022783
"featured",
2276122784
"auto_install_new_default_team",
2276222785
"requires_oauth",
22786+
"skip_oauth_flow",
2276322787
"created_at",
2276422788
"updated_at"
2276522789
]
@@ -23161,6 +23185,10 @@
2316123185
"type": "boolean",
2316223186
"description": "Whether this server requires OAuth authentication"
2316323187
},
23188+
"skip_oauth_flow": {
23189+
"type": "boolean",
23190+
"description": "Skip the OAuth authorization flow even if OAuth is detected (use headers/PAT instead)"
23191+
},
2316423192
"template_args": {
2316523193
"type": "array",
2316623194
"items": {
@@ -23949,6 +23977,10 @@
2394923977
"type": "boolean",
2395023978
"description": "Whether this server requires OAuth authentication"
2395123979
},
23980+
"skip_oauth_flow": {
23981+
"type": "boolean",
23982+
"description": "Skip the OAuth authorization flow even if OAuth is detected"
23983+
},
2395223984
"source": {
2395323985
"type": "string",
2395423986
"enum": [
@@ -23998,6 +24030,7 @@
2399824030
"featured",
2399924031
"auto_install_new_default_team",
2400024032
"requires_oauth",
24033+
"skip_oauth_flow",
2400124034
"created_at",
2400224035
"updated_at"
2400324036
]

services/backend/api-spec.yaml

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13978,6 +13978,9 @@ paths:
1397813978
requires_oauth:
1397913979
type: boolean
1398013980
description: Whether server requires OAuth
13981+
skip_oauth_flow:
13982+
type: boolean
13983+
description: Skip OAuth flow (use headers/PAT instead)
1398113984
github_stars:
1398213985
type: number
1398313986
nullable: true
@@ -14033,6 +14036,7 @@ paths:
1403314036
- status
1403414037
- featured
1403514038
- requires_oauth
14039+
- skip_oauth_flow
1403614040
- source
1403714041
- created_at
1403814042
- updated_at
@@ -14308,6 +14312,9 @@ paths:
1430814312
requires_oauth:
1430914313
type: boolean
1431014314
description: Whether this server requires OAuth authentication
14315+
skip_oauth_flow:
14316+
type: boolean
14317+
description: Skip the OAuth authorization flow even if OAuth is detected
1431114318
source:
1431214319
type: string
1431314320
enum:
@@ -14351,6 +14358,7 @@ paths:
1435114358
- featured
1435214359
- auto_install_new_default_team
1435314360
- requires_oauth
14361+
- skip_oauth_flow
1435414362
- created_at
1435514363
- updated_at
1435614364
required:
@@ -14727,6 +14735,9 @@ paths:
1472714735
requires_oauth:
1472814736
type: boolean
1472914737
description: Whether server requires OAuth
14738+
skip_oauth_flow:
14739+
type: boolean
14740+
description: Skip OAuth flow (use headers/PAT instead)
1473014741
github_stars:
1473114742
type: number
1473214743
nullable: true
@@ -14782,6 +14793,7 @@ paths:
1478214793
- status
1478314794
- featured
1478414795
- requires_oauth
14796+
- skip_oauth_flow
1478514797
- source
1478614798
- created_at
1478714799
- updated_at
@@ -15731,6 +15743,10 @@ paths:
1573115743
requires_oauth:
1573215744
type: boolean
1573315745
description: Whether this server requires OAuth authentication
15746+
skip_oauth_flow:
15747+
type: boolean
15748+
description: Skip the OAuth authorization flow even if OAuth is detected (use
15749+
headers/PAT instead)
1573415750
required:
1573515751
- name
1573615752
- description
@@ -15923,6 +15939,9 @@ paths:
1592315939
requires_oauth:
1592415940
type: boolean
1592515941
description: Whether this server requires OAuth authentication
15942+
skip_oauth_flow:
15943+
type: boolean
15944+
description: Skip the OAuth authorization flow even if OAuth is detected
1592615945
source:
1592715946
type: string
1592815947
enum:
@@ -15966,6 +15985,7 @@ paths:
1596615985
- featured
1596715986
- auto_install_new_default_team
1596815987
- requires_oauth
15988+
- skip_oauth_flow
1596915989
- created_at
1597015990
- updated_at
1597115991
required:
@@ -16256,6 +16276,10 @@ paths:
1625616276
requires_oauth:
1625716277
type: boolean
1625816278
description: Whether this server requires OAuth authentication
16279+
skip_oauth_flow:
16280+
type: boolean
16281+
description: Skip the OAuth authorization flow even if OAuth is detected (use
16282+
headers/PAT instead)
1625916283
template_args:
1626016284
type: array
1626116285
items:
@@ -16857,6 +16881,9 @@ paths:
1685716881
requires_oauth:
1685816882
type: boolean
1685916883
description: Whether this server requires OAuth authentication
16884+
skip_oauth_flow:
16885+
type: boolean
16886+
description: Skip the OAuth authorization flow even if OAuth is detected
1686016887
source:
1686116888
type: string
1686216889
enum:
@@ -16900,6 +16927,7 @@ paths:
1690016927
- featured
1690116928
- auto_install_new_default_team
1690216929
- requires_oauth
16930+
- skip_oauth_flow
1690316931
- created_at
1690416932
- updated_at
1690516933
required:

services/backend/drizzle/migrations/0027_stormy_texas_twister.sql

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
ALTER TABLE "mcpServers" ADD COLUMN "skip_oauth_flow" boolean DEFAULT false NOT NULL;

0 commit comments

Comments
 (0)