Workflow · saas · workflow

Arcade.dev proposes MCP URL elicitation to fix OAuth credential security gap in AI agent tool-calling

MCP (Model Context Protocol) has no secure mechanism for servers to obtain third-party credentials such as OAuth tokens, leaving developers forced to use insecure workarounds like hardcoded credentials or passing tokens through untrusted MCP clients.

How it works
Common implementation structure
How this type of workflow is generally built, generalized across documented cases — not tied to any one vendor's stack. Click any stage to read what happens there. Specific products that implement these stages appear in “Tools commonly seen” below.
Stage 1 · Agent tool call requires auth
An AI agent calls a tool that requires authenticated access to an external API such as Gmail.
Tools used
MCPOAuth 2.0Arcade
Outcome

Arcade.dev submitted PR #887 extending MCP's elicitation framework with a URL mode that routes sensitive credential flows through the browser directly to auth providers, keeping the untrusted MCP client out of the credential path entirely.

What failed first

Existing workarounds including service account tokens with excessive scopes, hardcoded server credentials, and client-side credential storage all violate security principles and create risks such as token exfiltration.

Results
Volume50+
Source

https://blog.arcade.dev/mcp-server-authorization-guide

How we source this →

Grounding & classification
Source type: technical build writeup
14 fields verified against source quotes.
agentic workflowai agentfailure mode describedproduction runtime claimedsource backedtools describedworkflow describedsoftwaretechnical build writeupagentic task execution