feat: implement inbound auth (#467)

* feat: extend JWT wizard with allowedScopes and agent OAuth credential inputs

* feat: auto-create managed OAuth credential for CUSTOM_JWT gateway

* feat: add CLI flags for CUSTOM_JWT agent OAuth credentials

* feat: add CUSTOM_JWT Bearer token auth to agent templates (Strands, LangChain, OpenAI, Google ADK)

* feat: protect managed credentials from accidental deletion

* test: add tests for CUSTOM_JWT CLI validation and managed credential protection

* fix: resolve httpx import collision between AWS_IAM and CUSTOM_JWT templates

* fix: use placeholder instead of initialValue for gateway discovery URL

* feat: wire CUSTOM_JWT inbound auth through AgentCore identity system

Author: aidandaly24

src/assets/__tests__/__snapshots__/assets.snapshot.test.ts.snap

@@ -1749,6 +1749,23 @@ logger = logging.getLogger(__name__)
 import httpx
 from mcp_proxy_for_aws.sigv4_helper import SigV4HTTPXAuth, create_aws_session
 {{/if}}
+{{#if (includes gatewayAuthTypes "CUSTOM_JWT")}}
+from bedrock_agentcore.identity import requires_access_token
+{{/if}}
+
+{{#each gatewayProviders}}
+{{#if (eq authType "CUSTOM_JWT")}}
+@requires_access_token(
+    provider_name="{{credentialProviderName}}",
+    scopes=[{{#if scopes}}"{{scopes}}"{{/if}}],
+    auth_flow="M2M",
+)
+def _get_bearer_token_{{snakeCase name}}(*, access_token: str):
+    """Obtain OAuth access token via AgentCore Identity for {{name}}."""
+    return access_token
+
+{{/if}}
+{{/each}}
 
 def get_all_gateway_mcp_toolsets() -> list[MCPToolset]:
     """Returns MCP Toolsets for all configured gateways."""
@@ -1763,6 +1780,10 @@ def get_all_gateway_mcp_toolsets() -> list[MCPToolset]:
             url=url,
             httpx_client_factory=lambda **kwargs: httpx.AsyncClient(auth=auth, **kwargs)
         )))
+        {{else if (eq authType "CUSTOM_JWT")}}
+        token = _get_bearer_token_{{snakeCase name}}()
+        headers = {"Authorization": f"Bearer {token}"} if token else None
+        toolsets.append(MCPToolset(connection_params=StreamableHTTPConnectionParams(url=url, headers=headers)))
         {{else}}
         toolsets.append(MCPToolset(connection_params=StreamableHTTPConnectionParams(url=url)))
         {{/if}}
@@ -2035,6 +2056,23 @@ logger = logging.getLogger(__name__)
 {{#if (includes gatewayAuthTypes "AWS_IAM")}}
 from mcp_proxy_for_aws.sigv4_helper import SigV4HTTPXAuth, create_aws_session
 {{/if}}
+{{#if (includes gatewayAuthTypes "CUSTOM_JWT")}}
+from bedrock_agentcore.identity import requires_access_token
+{{/if}}
+
+{{#each gatewayProviders}}
+{{#if (eq authType "CUSTOM_JWT")}}
+@requires_access_token(
+    provider_name="{{credentialProviderName}}",
+    scopes=[{{#if scopes}}"{{scopes}}"{{/if}}],
+    auth_flow="M2M",
+)
+def _get_bearer_token_{{snakeCase name}}(*, access_token: str):
+    """Obtain OAuth access token via AgentCore Identity for {{name}}."""
+    return access_token
+
+{{/if}}
+{{/each}}
 
 def get_all_gateway_mcp_client() -> MultiServerMCPClient | None:
     """Returns an MCP Client connected to all configured gateways."""
@@ -2046,6 +2084,10 @@ def get_all_gateway_mcp_client() -> MultiServerMCPClient | None:
         session = create_aws_session()
         auth = SigV4HTTPXAuth(session.get_credentials(), "bedrock-agentcore", session.region_name)
         servers["{{name}}"] = {"transport": "streamable_http", "url": url, "auth": auth}
+        {{else if (eq authType "CUSTOM_JWT")}}
+        token = _get_bearer_token_{{snakeCase name}}()
+        headers = {"Authorization": f"Bearer {token}"} if token else None
+        servers["{{name}}"] = {"transport": "streamable_http", "url": url, "headers": headers}
         {{else}}
         servers["{{name}}"] = {"transport": "streamable_http", "url": url}
         {{/if}}
@@ -2460,6 +2502,23 @@ logger = logging.getLogger(__name__)
 import httpx
 from mcp_proxy_for_aws.sigv4_helper import SigV4HTTPXAuth, create_aws_session
 {{/if}}
+{{#if (includes gatewayAuthTypes "CUSTOM_JWT")}}
+from bedrock_agentcore.identity import requires_access_token
+{{/if}}
+
+{{#each gatewayProviders}}
+{{#if (eq authType "CUSTOM_JWT")}}
+@requires_access_token(
+    provider_name="{{credentialProviderName}}",
+    scopes=[{{#if scopes}}"{{scopes}}"{{/if}}],
+    auth_flow="M2M",
+)
+def _get_bearer_token_{{snakeCase name}}(*, access_token: str):
+    """Obtain OAuth access token via AgentCore Identity for {{name}}."""
+    return access_token
+
+{{/if}}
+{{/each}}
 
 def get_all_gateway_mcp_servers() -> list[MCPServerStreamableHttp]:
     """Returns MCP servers for all configured gateways."""
@@ -2474,6 +2533,10 @@ def get_all_gateway_mcp_servers() -> list[MCPServerStreamableHttp]:
             name="{{name}}",
             params={"url": url, "httpx_client_factory": lambda **kwargs: httpx.AsyncClient(auth=auth, **kwargs)}
         ))
+        {{else if (eq authType "CUSTOM_JWT")}}
+        token = _get_bearer_token_{{snakeCase name}}()
+        headers = {"Authorization": f"Bearer {token}"} if token else {}
+        servers.append(MCPServerStreamableHttp(name="{{name}}", params={"url": url, "headers": headers}))
         {{else}}
         servers.append(MCPServerStreamableHttp(name="{{name}}", params={"url": url}))
         {{/if}}
@@ -2771,7 +2834,23 @@ logger = logging.getLogger(__name__)
 {{#if (includes gatewayAuthTypes "AWS_IAM")}}
 from mcp_proxy_for_aws.client import aws_iam_streamablehttp_client
 {{/if}}
+{{#if (includes gatewayAuthTypes "CUSTOM_JWT")}}
+from bedrock_agentcore.identity import requires_access_token
+{{/if}}
+
+{{#each gatewayProviders}}
+{{#if (eq authType "CUSTOM_JWT")}}
+@requires_access_token(
+    provider_name="{{credentialProviderName}}",
+    scopes=[{{#if scopes}}"{{scopes}}"{{/if}}],
+    auth_flow="M2M",
+)
+def _get_bearer_token_{{snakeCase name}}(*, access_token: str):
+    """Obtain OAuth access token via AgentCore Identity for {{name}}."""
+    return access_token
 
+{{/if}}
+{{/each}}
 {{#each gatewayProviders}}
 def get_{{snakeCase name}}_mcp_client() -> MCPClient | None:
     """Returns an MCP Client connected to the {{name}} gateway."""
@@ -2781,6 +2860,10 @@ def get_{{snakeCase name}}_mcp_client() -> MCPClient | None:
         return None
     {{#if (eq authType "AWS_IAM")}}
     return MCPClient(lambda: aws_iam_streamablehttp_client(url, aws_service="bedrock-agentcore", aws_region=os.environ.get("AWS_REGION", os.environ.get("AWS_DEFAULT_REGION"))))
+    {{else if (eq authType "CUSTOM_JWT")}}
+    token = _get_bearer_token_{{snakeCase name}}()
+    headers = {"Authorization": f"Bearer {token}"} if token else {}
+    return MCPClient(lambda: streamablehttp_client(url, headers=headers))
     {{else}}
     return MCPClient(lambda: streamablehttp_client(url))
     {{/if}}

src/assets/python/googleadk/base/mcp_client/client.py

@@ -10,6 +10,23 @@
 import httpx
 from mcp_proxy_for_aws.sigv4_helper import SigV4HTTPXAuth, create_aws_session
 {{/if}}
+{{#if (includes gatewayAuthTypes "CUSTOM_JWT")}}
+from bedrock_agentcore.identity import requires_access_token
+{{/if}}
+
+{{#each gatewayProviders}}
+{{#if (eq authType "CUSTOM_JWT")}}
+@requires_access_token(
+    provider_name="{{credentialProviderName}}",
+    scopes=[{{#if scopes}}"{{scopes}}"{{/if}}],
+    auth_flow="M2M",
+)
+def _get_bearer_token_{{snakeCase name}}(*, access_token: str):
+    """Obtain OAuth access token via AgentCore Identity for {{name}}."""
+    return access_token
+
+{{/if}}
+{{/each}}
 
 def get_all_gateway_mcp_toolsets() -> list[MCPToolset]:
     """Returns MCP Toolsets for all configured gateways."""
@@ -24,6 +41,10 @@ def get_all_gateway_mcp_toolsets() -> list[MCPToolset]:
             url=url,
             httpx_client_factory=lambda **kwargs: httpx.AsyncClient(auth=auth, **kwargs)
         )))
+        {{else if (eq authType "CUSTOM_JWT")}}
+        token = _get_bearer_token_{{snakeCase name}}()
+        headers = {"Authorization": f"Bearer {token}"} if token else None
+        toolsets.append(MCPToolset(connection_params=StreamableHTTPConnectionParams(url=url, headers=headers)))
         {{else}}
         toolsets.append(MCPToolset(connection_params=StreamableHTTPConnectionParams(url=url)))
         {{/if}}

src/assets/python/langchain_langgraph/base/mcp_client/client.py

@@ -8,6 +8,23 @@
 {{#if (includes gatewayAuthTypes "AWS_IAM")}}
 from mcp_proxy_for_aws.sigv4_helper import SigV4HTTPXAuth, create_aws_session
 {{/if}}
+{{#if (includes gatewayAuthTypes "CUSTOM_JWT")}}
+from bedrock_agentcore.identity import requires_access_token
+{{/if}}
+
+{{#each gatewayProviders}}
+{{#if (eq authType "CUSTOM_JWT")}}
+@requires_access_token(
+    provider_name="{{credentialProviderName}}",
+    scopes=[{{#if scopes}}"{{scopes}}"{{/if}}],
+    auth_flow="M2M",
+)
+def _get_bearer_token_{{snakeCase name}}(*, access_token: str):
+    """Obtain OAuth access token via AgentCore Identity for {{name}}."""
+    return access_token
+
+{{/if}}
+{{/each}}
 
 def get_all_gateway_mcp_client() -> MultiServerMCPClient | None:
     """Returns an MCP Client connected to all configured gateways."""
@@ -19,6 +36,10 @@ def get_all_gateway_mcp_client() -> MultiServerMCPClient | None:
         session = create_aws_session()
         auth = SigV4HTTPXAuth(session.get_credentials(), "bedrock-agentcore", session.region_name)
         servers["{{name}}"] = {"transport": "streamable_http", "url": url, "auth": auth}
+        {{else if (eq authType "CUSTOM_JWT")}}
+        token = _get_bearer_token_{{snakeCase name}}()
+        headers = {"Authorization": f"Bearer {token}"} if token else None
+        servers["{{name}}"] = {"transport": "streamable_http", "url": url, "headers": headers}
         {{else}}
         servers["{{name}}"] = {"transport": "streamable_http", "url": url}
         {{/if}}

src/assets/python/openaiagents/base/mcp_client/client.py

@@ -9,6 +9,23 @@
 import httpx
 from mcp_proxy_for_aws.sigv4_helper import SigV4HTTPXAuth, create_aws_session
 {{/if}}
+{{#if (includes gatewayAuthTypes "CUSTOM_JWT")}}
+from bedrock_agentcore.identity import requires_access_token
+{{/if}}
+
+{{#each gatewayProviders}}
+{{#if (eq authType "CUSTOM_JWT")}}
+@requires_access_token(
+    provider_name="{{credentialProviderName}}",
+    scopes=[{{#if scopes}}"{{scopes}}"{{/if}}],
+    auth_flow="M2M",
+)
+def _get_bearer_token_{{snakeCase name}}(*, access_token: str):
+    """Obtain OAuth access token via AgentCore Identity for {{name}}."""
+    return access_token
+
+{{/if}}
+{{/each}}
 
 def get_all_gateway_mcp_servers() -> list[MCPServerStreamableHttp]:
     """Returns MCP servers for all configured gateways."""
@@ -23,6 +40,10 @@ def get_all_gateway_mcp_servers() -> list[MCPServerStreamableHttp]:
             name="{{name}}",
             params={"url": url, "httpx_client_factory": lambda **kwargs: httpx.AsyncClient(auth=auth, **kwargs)}
         ))
+        {{else if (eq authType "CUSTOM_JWT")}}
+        token = _get_bearer_token_{{snakeCase name}}()
+        headers = {"Authorization": f"Bearer {token}"} if token else {}
+        servers.append(MCPServerStreamableHttp(name="{{name}}", params={"url": url, "headers": headers}))
         {{else}}
         servers.append(MCPServerStreamableHttp(name="{{name}}", params={"url": url}))
         {{/if}}

src/assets/python/strands/base/mcp_client/client.py

@@ -9,7 +9,23 @@
 {{#if (includes gatewayAuthTypes "AWS_IAM")}}
 from mcp_proxy_for_aws.client import aws_iam_streamablehttp_client
 {{/if}}
+{{#if (includes gatewayAuthTypes "CUSTOM_JWT")}}
+from bedrock_agentcore.identity import requires_access_token
+{{/if}}
+
+{{#each gatewayProviders}}
+{{#if (eq authType "CUSTOM_JWT")}}
+@requires_access_token(
+    provider_name="{{credentialProviderName}}",
+    scopes=[{{#if scopes}}"{{scopes}}"{{/if}}],
+    auth_flow="M2M",
+)
+def _get_bearer_token_{{snakeCase name}}(*, access_token: str):
+    """Obtain OAuth access token via AgentCore Identity for {{name}}."""
+    return access_token
 
+{{/if}}
+{{/each}}
 {{#each gatewayProviders}}
 def get_{{snakeCase name}}_mcp_client() -> MCPClient | None:
     """Returns an MCP Client connected to the {{name}} gateway."""
@@ -19,6 +35,10 @@ def get_{{snakeCase name}}_mcp_client() -> MCPClient | None:
         return None
     {{#if (eq authType "AWS_IAM")}}
     return MCPClient(lambda: aws_iam_streamablehttp_client(url, aws_service="bedrock-agentcore", aws_region=os.environ.get("AWS_REGION", os.environ.get("AWS_DEFAULT_REGION"))))
+    {{else if (eq authType "CUSTOM_JWT")}}
+    token = _get_bearer_token_{{snakeCase name}}()
+    headers = {"Authorization": f"Bearer {token}"} if token else {}
+    return MCPClient(lambda: streamablehttp_client(url, headers=headers))
     {{else}}
     return MCPClient(lambda: streamablehttp_client(url))
     {{/if}}

src/cli/commands/add/__tests__/validate.test.ts

@@ -240,6 +240,47 @@ describe('validate', () => {
       expect(validateAddGatewayOptions(validGatewayOptionsNone)).toEqual({ valid: true });
       expect(validateAddGatewayOptions(validGatewayOptionsJwt)).toEqual({ valid: true });
     });
+
+    // AC15: agentClientId and agentClientSecret must be provided together
+    it('returns error when agentClientId provided without agentClientSecret', () => {
+      const result = validateAddGatewayOptions({
+        ...validGatewayOptionsJwt,
+        agentClientId: 'my-client-id',
+      });
+      expect(result.valid).toBe(false);
+      expect(result.error).toBe('Both --agent-client-id and --agent-client-secret must be provided together');
+    });
+
+    it('returns error when agentClientSecret provided without agentClientId', () => {
+      const result = validateAddGatewayOptions({
+        ...validGatewayOptionsJwt,
+        agentClientSecret: 'my-secret',
+      });
+      expect(result.valid).toBe(false);
+      expect(result.error).toBe('Both --agent-client-id and --agent-client-secret must be provided together');
+    });
+
+    // AC16: agent credentials only valid with CUSTOM_JWT
+    it('returns error when agent credentials used with non-CUSTOM_JWT authorizer', () => {
+      const result = validateAddGatewayOptions({
+        ...validGatewayOptionsNone,
+        agentClientId: 'my-client-id',
+        agentClientSecret: 'my-secret',
+      });
+      expect(result.valid).toBe(false);
+      expect(result.error).toBe('Agent OAuth credentials are only valid with CUSTOM_JWT authorizer');
+    });
+
+    // AC17: valid CUSTOM_JWT with agent credentials passes
+    it('passes for CUSTOM_JWT with agent credentials', () => {
+      const result = validateAddGatewayOptions({
+        ...validGatewayOptionsJwt,
+        agentClientId: 'my-client-id',
+        agentClientSecret: 'my-secret',
+        allowedScopes: 'scope1,scope2',
+      });
+      expect(result.valid).toBe(true);
+    });
   });
 
   describe('validateAddGatewayTargetOptions', () => {

src/cli/commands/add/actions.ts

@@ -64,6 +64,9 @@ export interface ValidatedAddGatewayOptions {
   discoveryUrl?: string;
   allowedAudience?: string;
   allowedClients?: string;
+  allowedScopes?: string;
+  agentClientId?: string;
+  agentClientSecret?: string;
   agents?: string;
 }
 
@@ -267,6 +270,14 @@ function buildGatewayConfig(options: ValidatedAddGatewayOptions): AddGatewayConf
         .allowedClients!.split(',')
         .map(s => s.trim())
         .filter(Boolean),
+      allowedScopes: options.allowedScopes
+        ? options.allowedScopes
+            .split(',')
+            .map(s => s.trim())
+            .filter(Boolean)
+        : undefined,
+      agentClientId: options.agentClientId,
+      agentClientSecret: options.agentClientSecret,
     };
   }
 

src/cli/commands/add/command.tsx

@@ -82,6 +82,9 @@ async function handleAddGatewayCLI(options: AddGatewayOptions): Promise<void> {
     discoveryUrl: options.discoveryUrl,
     allowedAudience: options.allowedAudience,
     allowedClients: options.allowedClients,
+    allowedScopes: options.allowedScopes,
+    agentClientId: options.agentClientId,
+    agentClientSecret: options.agentClientSecret,
     agents: options.agents,
   });
 
@@ -272,6 +275,9 @@ export function registerAdd(program: Command) {
     .option('--discovery-url <url>', 'OIDC discovery URL (required for CUSTOM_JWT)')
     .option('--allowed-audience <values>', 'Comma-separated allowed audience values (required for CUSTOM_JWT)')
     .option('--allowed-clients <values>', 'Comma-separated allowed client IDs (required for CUSTOM_JWT)')
+    .option('--allowed-scopes <scopes>', 'Comma-separated allowed scopes (optional for CUSTOM_JWT)')
+    .option('--agent-client-id <id>', 'Agent OAuth client ID for Bearer token auth (CUSTOM_JWT)')
+    .option('--agent-client-secret <secret>', 'Agent OAuth client secret (CUSTOM_JWT)')
     .option('--json', 'Output as JSON')
     .action(async options => {
       requireProject();

src/cli/commands/add/types.ts

@@ -31,6 +31,9 @@ export interface AddGatewayOptions {
   discoveryUrl?: string;
   allowedAudience?: string;
   allowedClients?: string;
+  allowedScopes?: string;
+  agentClientId?: string;
+  agentClientSecret?: string;
   agents?: string;
   json?: boolean;
 }