← Back to glossary
Glossary

MCP Authorization

Reviewed 9 April 2026 Canonical definition

MCP authorization is the process of determining what an authenticated MCP client or agent is permitted to do once its identity has been verified. It governs which tools can be called, which resources can be read, and which sampling requests can be made — typically enforced through OAuth 2.1 scopes and server-side policy rules that are evaluated per request.

Related articles

MCP MCP Security: Dynamic Authorization Explained Access Control How Scoped Authorization Secures AI Agents MCP Complete Guide to MCP OAuth Authentication

Related terms

Magic LinksMCP (Model Context Protocol)MCP (Model-Context-Protocol) AuthenticationMCP Capability NegotiationMCP Capability NegotiationMCP Client