feat(dashboard): authentication UI for remote-backed MCP servers#3008
feat(dashboard): authentication UI for remote-backed MCP servers#3008bflad wants to merge 1 commit into
Conversation
https://linear.app/speakeasy/issue/AGE-2488/initial-user-session-issuer-management-ui-for-remote-backed-mcp Adds an Authentication tab and Overview section to MCP server detail pages under /x/mcp/, gated on the gram-user-session-management PostHog flag. Operators configure the platform user session issuer (session duration) and manage upstream identity providers — attach via discovery (RFC 9728 probe on the remote URL plus RFC 8414 metadata on the issuer) with optional Dynamic Client Registration (RFC 7591), or via manual configuration. Modify and detach flows live alongside, with a type-the-issuer-URL confirmation on detach. Supporting backend changes: - discoveryError carries the well-known URL and HTTP status so the handler returns actionable user-facing messages (e.g. "OAuth metadata not found at …", "Unexpected HTTP 503 from …") instead of a generic gateway error. - handleProxyRegister falls back to the Gram-Session header when no session cookie is in context (dev cross-origin case). - MCP server visibility dropdown drops "public"; first IdP attach auto-transitions disabled→private; visibility-only updates forward userSessionIssuerId so the auth chain isn't dropped.
![claude[bot]](https://avatars.githubusercontent.com/in/1236702?s=60&v=4){kind=small}
There was a problem hiding this comment.
Claude Code Review
This repository is configured for manual code reviews. Comment @claude review to trigger a review and subscribe this PR to future pushes, or @claude review once for a one-time review.
Tip: disable this comment in your organization's Code Review settings.
|
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
🚀 Preview Environment (PR #3008)Preview URL: https://pr-3008.dev.getgram.ai
Gram Preview Bot |
2 participants
https://linear.app/speakeasy/issue/AGE-2488/initial-user-session-issuer-management-ui-for-remote-backed-mcp
Adds an Authentication tab and Overview section to MCP server detail pages under
/x/mcp/, gated on thegram-user-session-managementPostHog flag. Operators configure the platform user session issuer (session duration) and manage upstream identity providers — attach via discovery (RFC 9728 probe on the remote URL plus RFC 8414 metadata on the issuer) with optional Dynamic Client Registration (RFC 7591), or via manual configuration. Modify and detach flows live alongside, with a type-the-issuer-URL confirmation on detach.Supporting backend changes:
discoveryErrorcarries the well-known URL and HTTP status so the handler returns actionable user-facing messages (e.g. "OAuth metadata not found at …", "Unexpected HTTP 503 from …") instead of a generic gateway error.handleProxyRegisterfalls back to theGram-Sessionheader when no session cookie is in context (dev cross-origin case).public; first IdP attach auto-transitionsdisabled→private; visibility-only updates forwarduserSessionIssuerIdso the auth chain isn't dropped.