Skip to content

cookbook: MCP OAuth CLI client with oclif (PKCE + DCR) #747

Description

@saif-at-scalekit

Customer signal

Problem

Developers building a companion CLI/SDK for an MCP server already protected by Scalekit OAuth need a concrete, framework-grounded recipe — not a standalone journey page.

Proposed content

Content type: Cookbook (not how-to in MCP Auth sidebar)
Framework: oclif (or another popular Node CLI framework if oclif is a poor fit)

Cover:

  • PKCE authorization code flow from a headless CLI
  • Loopback redirect URI (http://127.0.0.1:8765/callback)
  • Dynamic client registration vs pre-registered public client
  • Token storage and refresh (offline_access)
  • Calling the MCP server with Bearer token

Cross-link: authenticate/mcp/troubleshooting.mdx, authenticate/mcp/additional-reading.mdx

Why not a journey page

CLI OAuth is a narrow implementation pattern better suited to a cookbook/blog entry than the MCP Auth integration guides sequence.

Acceptance criteria

  • Runnable oclif (or equivalent) example
  • P.A.T. structure per COOKBOOKS.md
  • Security notes on token storage
  • Listed at /cookbooks/

Metadata

Metadata

Assignees

No one assigned

    Labels

    documentationImprovements or additions to documentation

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions