Merge pull request #6039 from ranuka-laksika/unify_mcp

sahandilshan · web-flow · commit 927cebc9a879 · 2026-04-20T12:32:35.000+05:30
Update MCP documentation to reflect unified MCP capabilities across all app types
diff --git a/en/asgardeo/docs/tutorials/end-to-end-mcp-authorization-with-asgardeo.md b/en/asgardeo/docs/tutorials/end-to-end-mcp-authorization-with-asgardeo.md
@@ -77,7 +77,7 @@ Register the VetAssist MCP Server in {{ product_name }} as an MCP server (identi
 Define the scopes that the MCP server will use to ensure the correct access to its tools and resources. For our example use case, let’s define the following scopes.
 
 - pet-profile:read Permission to get the authorized user’s Pet information
-- pet-profile:write Permission to add new pet information or update existing pet information 
+- pet-profile:write Permission to add new pet information or update existing pet information
 
     ![ Configure scopes for VetAssist MCP Server tools]({{base_path}}/assets/img/tutorials/e2e-mcp-authz/configure-vetassist-mcp-scopes.png)
 
@@ -104,30 +104,35 @@ Navigate to the Pet Owner role’s edit view, go to the Users tab and assign Bob
 
 #### Configure the MCP client
 
+To configure the MCP client, you need to register a new MCP client application in {{ product_name }}.
+
 ##### Register a new MCP client application
 
 We need to have the Vet Assist AI application registered in Asgardeo, so that the registered MCP server can be authorized to the AI application and the application can securely access the MCP server on behalf of the authenticated user.
 
 To register the MCP client,
 
 - On {{ product_name }}, navigate to Applications > New Application
-- Select the MCP client application template.
+- Select the **MCP Client Application** template.
 - Provide the necessary details and click create.
-    - **Name** - provide a meaningful name
-    - **Redirect URL** - provide an endpoint in the VetAssist AI app that can receive and process the authorization code.
+  - **Name** - provide a meaningful name
+  - **Redirect URL** - provide an endpoint in the VetAssist AI app that can receive and process the authorization code.
 
 ![Register VetAssist MCP Client]({{base_path}}/assets/img/tutorials/e2e-mcp-authz/register-vetassist-mcp-client.png)
 
+!!! note
+    While the **MCP Client Application** template provides optimized defaults for MCP connections, you can also use other application types (Single Page App, Traditional Web App, Mobile App, or M2M App) to access MCP servers, except Digital Wallet applications.
+
 Record the Client ID of the created application. We will need this when configuring {{ product_name }} in the Vet Assist application.
 
 ##### Authorize MCP server to the client
 
-The registered MCP client needs to be authorized to access the MCP server. To do that,
+The registered application needs to be authorized to access the MCP server. To do that,
 
 - Navigate to **Applications**.
-- Click on the MCP client application you created in the above step.
+- Click on the application you created in the above step.
 - Navigate to the **Authorization** tab.
-- Click on **Authorize an API Resource**.
+- Click on **Authorize Resource**.
 - Select MCP server from the Resource dropdown.
 - Select `pet-profile:read` and `pet-profile:write` scopes.
 - Click Finish.
diff --git a/en/includes/guides/agentic-ai/mcp/index.md b/en/includes/guides/agentic-ai/mcp/index.md
@@ -34,8 +34,16 @@ MCP servers can be registered as protected resources in {{ product_name }}. This
 
 ## [Setting up MCP clients]({{base_path}}/guides/agentic-ai/mcp/register-mcp-client-app/)
 
+{% if is_version == "next" or product_name == "Asgardeo" %}
+An MCP client is a connection component that host applications use to interface with MCP servers through dedicated, stateful sessions. When connecting to an MCP server, you can register the client application in {{ product_name }}, which also creates an OAuth 2.1 client meeting the necessary standards. Applications can be authorized with specific scopes that define their permitted access to MCP servers, ensuring they operate only within authorized boundaries and maintain a secure ecosystem for model interactions.
+
+{{ product_name }} provides a specialized **MCP Client Application** template for quickly setting up applications optimized for MCP connections. However, MCP servers can also be accessed by most other application types (such as Single Page Applications, Traditional Web Applications, and Mobile Applications), with the exception of Digital Wallet applications.
+{% else %}
 An MCP client is a connection component that host applications use to interface with MCP servers through dedicated, stateful sessions. When connecting to an MCP server, you can register the client in {{ product_name }}, which also creates an OAuth 2.1 client meeting the necessary standards. Clients can be authorized with specific scopes that define their permitted access to MCP servers, ensuring they operate only within authorized boundaries and maintain a secure ecosystem for model interactions.
 
+{{ product_name }} provides an application template with default configurations to register an MCP client with minimal effort.
+{% endif %}
+
 !!! info
     Refer to the [MCP Client Registration guide]({{base_path}}/guides/agentic-ai/mcp/register-mcp-client-app/) for detailed steps on setting up MCP clients and authorizing them to access MCP servers.
 
diff --git a/en/includes/guides/applications/register-mcp-client-app.md b/en/includes/guides/applications/register-mcp-client-app.md
@@ -2,7 +2,14 @@
 
 The Model Context Protocol (MCP) specification defines that authorization is initiated by MCP clients. These clients handle authorization flows, manage tokens and sessions with MCP servers, and provide end-user experiences based on user permissions.
 
+{% if is_version == "next" or product_name == "Asgardeo" %}
+{{ product_name }} provides an **MCP Client Application** template with default configurations to register an MCP client with minimal effort. This template has been configured to create an OAuth application that adheres to the guidelines and best practices outlined in the [MCP authorization specification](https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization).
+
+!!! info "Other Application Types"
+    While the MCP Client Application template is optimized for MCP connections, MCP servers can also be accessed by most other application types in {{ product_name }}, including Single Page Applications, Traditional Web Applications, Mobile Applications, and M2M Applications. The only exception is Digital Wallet applications, which cannot access MCP servers.
+{% else %}
 {{ product_name }} provides an application template with default configurations to register an MCP client with minimal effort. This template has been configured to create an OAuth application that adheres to the guidelines and best practices outlined in the [MCP authorization specification](https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization).
+{% endif %}
 
 ## Register an MCP Client Application
 
diff --git a/en/includes/guides/authorization/mcp-server-authorization.md b/en/includes/guides/authorization/mcp-server-authorization.md
@@ -58,13 +58,21 @@ To register an MCP server,
 Applications, by default, don't have permissions to access MCP servers. Administrators can selectively grant authorization for applications to use specific MCP servers, so that users logging into the application will have access to that MCP server, provided they're assigned to a role that grants the necessary permissions.
 
 !!! note
+    {% if is_version == "next" or product_name == "Asgardeo" %}
+    MCP servers can be authorized to all OIDC application types including Custom OIDC applications, Traditional Web applications, Single-Page applications (SPA), Mobile applications, and Machine-to-Machine (M2M) applications. The [MCP Client Application]({{base_path}}/guides/applications/register-mcp-client-app/) template provides a pre-configured option for MCP-specific use cases. Digital Wallet applications can only access Verifiable Credential resources and cannot authorize MCP servers.
+    {% else %}
     Currently MCP servers can only be authorized to applications that are created from the [MCP client Application]({{base_path}}/guides/applications/register-mcp-client-app/) template.
+    {% endif %}
 
 To authorize an application to consume an MCP server,
 
 1. On the {{ product_name }} Console, go to **Applications**.
 
+{% if is_version == "next" or product_name == "Asgardeo" %}
+2. Select your application and go to its **Authorization** tab.
+{% else %}
 2. Select the MCP client application and go to its **Authorization** tab.
+{% endif %}
 
 3. Click **Authorize a resource**.
 
@@ -80,7 +88,11 @@ To authorize an application to consume an MCP server,
         </tr>
         <tr>
             <td><b>Authorized Scopes</b></td>
+            {% if is_version == "next" or product_name == "Asgardeo" %}
+            <td>Select the scopes that the application should be able to request.</td>
+            {% else %}
             <td>Select the scopes that the MCP client should be able to request.</td>
+            {% endif %}
         </tr>
     </table>
 
diff --git a/en/includes/quick-starts/agent-auth-py.md b/en/includes/quick-starts/agent-auth-py.md
@@ -50,6 +50,10 @@ To allow your agent (or user acting through the agent) to authenticate and conne
 !!! Info
     The **authorized redirect URL** defines the location Asgardeo sends users to after a successful login, typically the address of the client application that connects to the MCP server.
     In this guide, the AI agent behaves as the client, which consists of a lightweight OAuth 2.1 callback server running at `http://localhost:6274/oauth/callback` to capture the authorization code. So, we will use this URL as the authorized redirect for this guide.
+    {% if is_version == "next" or product_name == "Asgardeo" %}
+
+    While we're using the **MCP Client Application** template here for optimized MCP settings, you can also use other application types (Single Page App, Traditional Web App, Mobile App, or M2M App) to access MCP servers, except Digital Wallet applications.
+    {% endif %}
 
 Make a note of the **client-id** from the **Protocol** tab of the registered application. You will need it during the [Build an AI Agent](#build-an-ai-agent) section of this guide.
 
diff --git a/en/includes/quick-starts/agent-auth-ts.md b/en/includes/quick-starts/agent-auth-ts.md
@@ -51,6 +51,10 @@ To allow your agent (or user acting through the agent) to authenticate and conne
 !!! Info
     The **authorized redirect URL** defines the location Asgardeo sends users to after a successful login, typically the address of the client application that connects to the MCP server.
     In this guide, the AI agent behaves as the client, which consists of a lightweight OAuth 2.1 callback server running at `http://localhost:3001/callback` to capture the authorization code. So, we will use this URL as the authorized redirect for this guide.
+    {% if is_version == "next" or product_name == "Asgardeo" %}
+
+    While we're using the **MCP Client Application** template here for optimized MCP settings, you can also use other application types (Single Page App, Traditional Web App, Mobile App, or M2M App) to access MCP servers, except Digital Wallet applications.
+    {% endif %}
 
 Make a note of the **Client ID** from the **Protocol** tab of the registered application. You will need it during the [Build an AI Agent](#build-an-ai-agent) section of this guide.
 
diff --git a/en/includes/quick-starts/mcp-auth-server-py.md b/en/includes/quick-starts/mcp-auth-server-py.md
@@ -27,6 +27,10 @@ To enable clients to sign in and safely connect to the MCP server, an applicatio
 !!! Info
     The authorized redirect URL defines the location Asgardeo sends users to after a successful login, typically the address of the client application that connects to the MCP server.
     For this guide, we will use ["MCP Inspector"](https://modelcontextprotocol.io/docs/tools/inspector) to test the MCP server, so we will use `http://localhost:6274/oauth/callback`, as the authorized redirect URL.
+    {% if is_version == "next" or product_name == "Asgardeo" %}
+
+    While we're using the **MCP Client Application** template here for optimized MCP settings, you can also use other application types (Single Page App, Traditional Web App, Mobile App, or M2M App) to access MCP servers, except Digital Wallet applications.
+    {% endif %}
 
 Make a note of the **client-id** from the **Protocol** tab of the registered application. You will need it during the [Test the MCP server with authentication](#test-the-mcp-server-with-authentication) section of this guide.
 
diff --git a/en/includes/quick-starts/mcp-auth-server.md b/en/includes/quick-starts/mcp-auth-server.md
@@ -315,14 +315,18 @@ To register MCP Inspector as a MCP client in {{product_name}}:
 
 <!-- markdownlint-disable MD007 -->
 - Sign in to {{ product_name }} console and navigate to **Applications > New Application**.
-- Select **MCP Client** and complete the wizard popup by providing:
+- Select **MCP Client Application** and complete the wizard popup by providing:
     - A suitable **name** *(e.g., MCPInspectorApp)*
     - The **authorized redirect URL** *(e.g., http://localhost:6274/oauth/callback/debug)*
 <!-- markdownlint-enable MD007 -->
 
 !!! Info
     The authorized redirect URL determines where users are sent after sign-in, typically where the client app connecting to the MCP server is running.
     For this guide, we'll use ["MCP Inspector"](https://modelcontextprotocol.io/docs/tools/inspector) to test the MCP server, so we'll use `http://localhost:6274/oauth/callback/debug`, as the authorized redirect URL.
+    {% if is_version == "next" or product_name == "Asgardeo" %}
+
+    While we're using the **MCP Client Application** template here for optimized MCP settings, you can also use other application types (Single Page App, Traditional Web App, Mobile App, or M2M App) to access MCP servers, except Digital Wallet applications.
+    {% endif %}
 
 Make a note of the **client-id** from the **Protocol** tab of the registered application. You will need it during next step.
 
