Microsoft
MicrosoftHi Mark
thanks a lot for this helpful blog.
But I want to do the authentication without browser-based user authentication. I registered my mcp client app as confidential app in Azure with a client secret. How can I now do the authentication with the client id & secret without any user interaction... the client is trusted and should be allowed to call the mcp server.
Thanks for any hints, samples or ideas, I couldnt find anything in the net. BR markus
MicrosoftHi Markus mbuchberger1967 ... OAuth is useful when you want the server to know who the user is to do authz - ie behave differently depending on the user or maybe their role. If its a fixed client and no user interaction then maybe the simplest authentication mechanism is just to check a key in the payload - much like an API key. Catch me on LinkedIn if you want to discuss. /markharrison-uk
ok i see your point. is there support for your proposal in the MCP C# lib?
Thx for the quick reply. is it ok to discuss here?
MicrosoftSure discuss here - its just these forums seem a bit clunky :-) for a lot of dialogue.
Not seen any proposal in the C#SDK. To validate a key passed in the http payload is just standard .NET coding ... i dont think it would be needed in the SDK.
I cannot add a marker for your name to notify you :(
<a href="/users/mark%20harrison%20(uk)/71348" data-lia-user-mentions="" data-lia-user-uid="71348" data-lia-user-login="Mark Harrison (UK)" class="lia-mention lia-mention-user" rel="nofollow noopener noreferrer">Mark Harrison (UK)</a>
