Display name shown in logs and admin UI.
It's not true, the clients are logged by id and we have no admin UI. The name is not used by Octane, it is like a label or a description for a customer to better understand what is this client.
Display name shown in logs and admin UI.
It's not true, the clients are logged by id and we have no admin UI. The name is not used by Octane, it is like a label or a description for a customer to better understand what is this client.
OAuth 2.1 authentication
Don't we want to say that the authentication process is described by the OAuth 2.1 specification? I mean the explanation to the customers why this documentation doesn't describe the OAuth 2.1 login flow.
The OAuth 2.1 metadata url is <server>/.well-known/oauth-authorization-server
MCP client MUST use the Authorization request header field with the received access token: Authorization: Bearer <access-token>
Register MCP clients
Only public clients are supported as defined in the https://www.rfc-editor.org/info/rfc8252/#section-8.4
User-based login flows (for example, desktop IDE clients) with short-lived access tokens
Supported grant types: authorization code and refresh token.
This is required for desktop clients that pick a random free port
and compatible with the spec https://www.rfc-editor.org/info/rfc8252/#section-7.3
key
Replace "key" with bearer token
short-lived access tokens
short-lived access tokens and long-lived refresh tokens