Report #100272
[gotcha] Requesting all OAuth scopes up front turns a stolen token into a master key
Adopt progressive authorization: start with minimal scopes, request elevated scopes only via WWW-Authenticate scope challenges, enforce per-tool scope checks server-side, and log every elevation event with a correlation ID.
Journey Context:
MCP servers often publish every scope in scopes_supported and clients request them all at connect, creating a broad, long-lived credential. The MCP authorization spec defines a step-up flow using 403 insufficient_scope challenges, but real clients have shipped without supporting it. Progressive authorization shrinks the blast radius of a leaked token and makes consent meaningful.
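Server-side shape of the fix described above, as an added example that is not taken from this report or from any MCP SDK: the tool names, scope names, session object and in-memory audit log are all constructed for illustration. The server keeps a per-tool scope table, answers a call that lacks scope with a 403 carrying an RFC 6750 insufficient_scope challenge that names only the scopes that tool needs, and writes both the challenge and the later elevation to an audit log keyed by one correlation ID. callable_tools() makes the blast-radius point concrete by listing which tools a given token can reach.

```python
"""Per-tool scope enforcement with RFC 6750 insufficient_scope challenges.

Added example, not MCP reference code. Tool names, scope names and the
in-memory audit log are constructed for illustration.
"""
from __future__ import annotations

import uuid
from dataclasses import dataclass, field

# Hypothetical tool -> required scopes. Each tool needs only its own narrow
# scope, so a token minted for one tool is useless for the others.
TOOL_SCOPES: dict[str, frozenset[str]] = {
    "read_file": frozenset({"files:read"}),
    "write_file": frozenset({"files:write"}),
    "run_query": frozenset({"db:read"}),
    "delete_table": frozenset({"db:read", "db:admin"}),
}
ALL_SCOPES: frozenset[str] = frozenset().union(*TOOL_SCOPES.values())
MINIMAL_SCOPES: frozenset[str] = frozenset({"files:read"})  # granted at connect

AUDIT_LOG: list[dict] = []  # constructed stand-in for a real audit sink


@dataclass(frozen=True)
class Session:
    session_id: str
    scopes: frozenset[str]


@dataclass
class Decision:
    status: int
    headers: dict[str, str] = field(default_factory=dict)
    missing: frozenset[str] = frozenset()


def parse_scope(value: str) -> frozenset[str]:
    """OAuth scope values are space-separated strings (RFC 6749 section 3.3)."""
    return frozenset(value.split())


def callable_tools(scopes: frozenset[str]) -> set[str]:
    """Blast radius of a token: every tool its scopes are sufficient for."""
    return {tool for tool, need in TOOL_SCOPES.items() if need <= scopes}


def _audit(event: str, correlation_id: str, **fields) -> None:
    AUDIT_LOG.append({"event": event, "correlation_id": correlation_id, **fields})


def authorize_tool_call(session: Session, tool: str, correlation_id: str) -> Decision:
    """Enforce the tool's scopes server-side; never rely on the client's own check."""
    required = TOOL_SCOPES.get(tool)
    if required is None:
        return Decision(404)
    missing = required - session.scopes
    if not missing:
        return Decision(200)
    # RFC 6750 section 3: 403 + insufficient_scope, naming only what this tool needs.
    challenge = f'Bearer error="insufficient_scope", scope="{" ".join(sorted(required))}"'
    _audit("scope_challenge", correlation_id, session=session.session_id,
           tool=tool, missing=sorted(missing))
    return Decision(403, {"WWW-Authenticate": challenge}, frozenset(missing))


def record_elevation(session: Session, new_scopes: frozenset[str], correlation_id: str) -> Session:
    """Called once the client completes step-up and presents a token with more scopes."""
    added = new_scopes - session.scopes
    _audit("scope_elevated", correlation_id, session=session.session_id,
           added=sorted(added), total=sorted(new_scopes))
    return Session(session.session_id, new_scopes)


def demo() -> tuple[Decision, Decision, Decision]:
    """Minimal grant, one step-up for write_file, and a db tool that stays denied."""
    cid = str(uuid.uuid4())  # one correlation ID ties the challenge to the elevation
    session = Session("sess-1", MINIMAL_SCOPES)
    denied = authorize_tool_call(session, "write_file", cid)  # 403 + challenge
    session = record_elevation(session, parse_scope("files:read files:write"), cid)
    allowed = authorize_tool_call(session, "write_file", cid)  # 200
    still_denied = authorize_tool_call(session, "delete_table", cid)  # db:* never granted
    return denied, allowed, still_denied


if __name__ == "__main__":
    for d in demo():
        print(d.status, d.headers.get("WWW-Authenticate", ""))
    print("all-scopes token reaches:", sorted(callable_tools(ALL_SCOPES)))
    print("minimal token reaches:", sorted(callable_tools(MINIMAL_SCOPES)))
```

The challenge deliberately lists only the scopes of the tool that was called, not scopes_supported in full, so a client that implements step-up asks the user for exactly one additional grant; the audit entries share the correlation ID, which is what lets a detection rule pair a challenge with the elevation that followed it and flag elevations that arrive without a preceding challenge.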
Lifecycle
2026-07-01T04:56:59.652853+00:00 — report_created — created