Table of Contents

Class ClientOAuthOptions

Namespace
ModelContextProtocol.Authentication
Assembly
ModelContextProtocol.Core.dll

Provides configuration options for the ModelContextProtocol.Authentication.ClientOAuthProvider.

public sealed class ClientOAuthOptions
Inheritance
ClientOAuthOptions
Inherited Members

Properties

AdditionalAuthorizationParameters

Gets or sets additional parameters to include in the query string of the OAuth authorization request providing extra information or fulfilling specific requirements of the OAuth provider.

public IDictionary<string, string> AdditionalAuthorizationParameters { get; set; }

Property Value

IDictionary<string, string>

Remarks

Parameters specified cannot override or append to any automatically set parameters like the "redirect_uri" which should instead be configured via RedirectUri.

AuthServerSelector

Gets or sets the authorization server selector function.

public Func<IReadOnlyList<Uri>, Uri?>? AuthServerSelector { get; set; }

Property Value

Func<IReadOnlyList<Uri>, Uri>

Remarks

This function is used to select which authorization server to use when multiple servers are available. If not specified, the first available server will be selected.

The function receives a list of available authorization server URIs and should return the selected server, or null if no suitable server is found.

AuthorizationRedirectDelegate

Gets or sets the authorization redirect delegate for handling the OAuth authorization flow.

public AuthorizationRedirectDelegate? AuthorizationRedirectDelegate { get; set; }

Property Value

AuthorizationRedirectDelegate

Remarks

This delegate is responsible for handling the OAuth authorization URL and obtaining the authorization code. If not specified, a default implementation will be used that prompts the user to enter the code manually.

Custom implementations might open a browser, start an HTTP listener, or use other mechanisms to capture the authorization code from the OAuth redirect.

ClientId

Gets or sets the OAuth client ID. If not provided, the client will attempt to register dynamically.

public string? ClientId { get; set; }

Property Value

string

ClientName

Gets or sets the client name to use during dynamic client registration.

public string? ClientName { get; set; }

Property Value

string

Remarks

This is a human-readable name for the client that may be displayed to users during authorization. Only used when a ClientId is not specified.

ClientSecret

Gets or sets the OAuth client secret.

public string? ClientSecret { get; set; }

Property Value

string

Remarks

This is optional for public clients or when using PKCE without client authentication.

ClientUri

Gets or sets the client URI to use during dynamic client registration.

public Uri? ClientUri { get; set; }

Property Value

Uri

Remarks

This should be a URL pointing to the client's home page or information page. Only used when a ClientId is not specified.

RedirectUri

Gets or sets the OAuth redirect URI.

public required Uri RedirectUri { get; set; }

Property Value

Uri

Scopes

Gets or sets the OAuth scopes to request.

public IEnumerable<string>? Scopes { get; set; }

Property Value

IEnumerable<string>

Remarks

When specified, these scopes will be used instead of the scopes advertised by the protected resource. If not specified, the provider will use the scopes from the protected resource metadata.

Common OAuth scopes include "openid", "profile", "email", etc.

Edit this page