Add RBAC support to Server tooling/resources/prompts

[gabe4coding]

Not sure if this should maybe be proposed on MCP Specification, however on Enterprise, it's likely happening that MCP are built by capability.
But not all the tools can be available to Agents.
This means that we should be able to define, depending on the client, which tools should be enabled.
An RBAC based on the Bearer token scopes, could help to customize the MCP tooling, depending on the permission given.
I saw that there is an Eunomia middleware, that help to prevent access do denied resources, however (correct if i'm wrong) that doesn't impact the visibility of the tools.

[tommitt]

The Eunomia Authorization Middleware you are pointing out addresses exactly that need: fine-grained authorization for tools. With that you can easily implement RBAC to control tool access within your org.

Currently, the middleware does not affect the visibility of tools, but their use only, which is the important part from a security perspective - but we'd be happy to further discuss with you potential enhancements to address this if you still think it's relevant.

[gabe4coding]

Thank you @tommitt for your reply.
Indeed the security part is very interesting, the visibility could be a great add-on for enterprises which are grouping mcp servers by capabilities.
An Agent could be overloaded with tools/prompts/resources that are not strictly needed for the purpose of the agent itself, so having a way to tweak tools visibility would be great.
In terms of organization, this would allow to work with monorepos, vertical on big capabilities (e.g. B2C and B2B), which unlocks some cost savings and processes optimizations.

[tommitt]

Thanks @gabe4coding for pointing this out. We have extended the Eunomia middleware to act on tools, resources and prompts visibility now #1144, hiding unauthorized components to the client!

You can check it out here.