MCP integrations can use either token/bearer authentication or OAuth authorization codes, based on the vendor's required authentication method.
MCP integrations can use either token/bearer authentication or OAuth authorization codes, based on the vendor's required authentication method.
Token/bearer authentication
Use when the vendor provides a static token or API key. The user configures the token, and the integration uses it for all requests. test-module works directly with client.test_connection(). Refer to Packs/GitHubMCP/Integrations/GitHubMCPfor an example.
OAuth authorization code
Use when the vendor requires user authorization via OAuth. The user runs generate-login-url to get an authorization URL, authorizes the integration, and provides the authorization code. test-module raises an exception directing users to use auth-test instead. Refer to Packs/CloudFlareMCP/Integrations/CloudFlareMCP for an example.
OAuth dynamic client registration
Use when the vendor supports automatic client registration. This options is similar to OAuth authorization code, but the Client class handles registration automatically. Refer to Packs/AtlassianCloudMCP/Integrations/AtlassianCloudMCP for an example.
Multiple auth types (generic)
Use when you need to support multiple authentication methods in a single integration. Include an auth_type dropdown parameter and validate that required parameters are present for the selected auth type.