Implement OAuth 2.1 Authorization per MCP Specification

### Use Case

The [MCP Specification (2025-06-18)](https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization) defines OAuth 2.1-based authorization for HTTP-based transports.

EventCatalog MCP server does not implement the MCP authorization specification, making it unsuitable for environments requiring:

- Authenticated access to MCP resources
- Integration with OAuth-based identity systems
- Compliance with enterprise security policies

### Proposed Solution

Implement OAuth 2.1 authorization as specified in the [MCP Authorization spec](https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization). Potentially using a 3rd party sdk, like `better-auth`.

### Implementation Notes

_No response_

### Community Notes


* Please vote by adding a 👍 reaction to the issue to help us prioritize.
* If you are interested to work on this issue, please leave a comment.
* If this issue is labeled **needs-discussion**, it means the spec has not been finalized yet. Please reach out in the [EventCatalog Discord](https://discord.com/invite/3rjaZMmrAm).

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Implement OAuth 2.1 Authorization per MCP Specification #2123

Use Case

Proposed Solution

Implementation Notes

Community Notes

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Implement OAuth 2.1 Authorization per MCP Specification #2123

Description

Use Case

Proposed Solution

Implementation Notes

Community Notes

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions