Loading lesson page...
AI From Scratch/Lesson 16/~75 minutes
MCP Security II — OAuth 2.1, Resource Indicators, Incremental Scopes
Remote MCP servers need authorization, not just authentication. The 2025-11-25 spec aligns with OAuth 2.1 + PKCE + resource indicators (RFC 8707) + protected-resource metadata (RFC 9728). SEP-835 adds incremental scope consent with step-up...
BuildPython (stdlibOAuth state machine simulator)