Arcade.dev proposes MCP URL elicitation to fix OAuth credential security gap in AI agent tool-calling
MCP (Model Context Protocol) has no secure mechanism for servers to obtain third-party credentials such as OAuth tokens, leaving developers forced to use insecure workarounds like hardcoded credentials or passing tokens through untrusted MCP clients.
Existing workarounds including service account tokens with excessive scopes, hardcoded server credentials, and client-side credential storage all violate security principles and create risks such as token exfiltration.
Arcade.dev submitted PR #887 extending MCP's elicitation framework with a URL mode that routes sensitive credential flows through the browser directly to auth providers, keeping the untrusted MCP client out of the credential path entirely.
Frequently asked questions
What did this team achieve with this AI workflow?
Arcade.dev submitted PR #887 extending MCP's elicitation framework with a URL mode that routes sensitive credential flows through the browser directly to auth providers, keeping the untrusted MCP client out of the cre…
What tools did this team use?
MCP, OAuth 2.0, Arcade.
What results were reported?
PR contributors examining security: 50+; Arcade secure auth integrations: 100+ (source-reported, not independently verified).
What failed first in this deployment?
Existing workarounds including service account tokens with excessive scopes, hardcoded server credentials, and client-side credential storage all violate security principles and create risks such as token exfiltration.
How is this workflow AI workflow structured?
Agent tool call requires auth → Server checks for valid token → Server raises URL elicitation → Client opens auth URL → Server stores token and retries.