MCP Gateway
ApiOauth apps

Discover OAuth configuration

Check .well-known/oauth-protected-resource and .well-known/oauth-authorization-server endpoints per RFC 8414. No auth required — used during server creation wizard.

POST
/api/v1/oauth-apps/discover

Request Body

application/json

TypeScript Definitions

Use the request body type in TypeScript.

Response Body

application/json

application/json

curl -X POST "https://loading/api/v1/oauth-apps/discover" \  -H "Content-Type: application/json" \  -d '{    "url": "http://example.com"  }'
{
  "supports_oauth": true,
  "authorization_endpoint": "string",
  "token_endpoint": "string",
  "registration_endpoint": "string",
  "scopes_supported": [
    "string"
  ],
  "pkce_required": true,
  "error": "string",
  "authorization_server_url": "string",
  "suggested_template_type": "string"
}
{
  "detail": [
    {
      "loc": [
        "string"
      ],
      "msg": "string",
      "type": "string"
    }
  ]
}

Detach OAuth app from server

Remove the link between an OAuth app and an MCP server. Existing user connections are not affected, but new connections cannot be created.

Find OAuth app by authorization server

Look up an existing OAuth app by its authorization server URL. Used during OAuth discovery to check if an app already exists for a given provider.