Report #100725
[gotcha] MCP servers request broad OAuth scopes up front, inflating blast radius
Request minimal baseline scopes initially, challenge for additional scopes only when privileged operations are attempted, and accept down-scoped tokens.
Journey Context:
Anthropic's security best practices describe how poor scope design increases the impact of a token compromise and adds audit noise. Servers often publish their full catalog in scopes_supported and clients request all of it, so every session ends up carrying a wildcard token. The better model is progressive authorization: start with read-only discovery scopes and use a WWW-Authenticate challenge to elevate only when a privileged operation is attempted (RFC 6750 defines the shape: a 403 with error="insufficient_scope" and a scope parameter naming what the operation needs). The client then asks the authorization server for the additional scope and keeps whatever subset is actually granted. This shrinks the blast radius of a leaked token and makes consent meaningful per operation rather than a single all-or-nothing dialog.
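The step-up flow described above, as an added example (not code from the report or from any MCP SDK): an MCP-style resource server that enforces one scope per operation and answers an under-scoped request with an RFC 6750 insufficient_scope challenge, and a client that starts with baseline scopes, elevates on challenge, accepts a down-scoped token, and retries exactly once. The scope names, the operation table, the in-memory token store, the user-consent set and the token_endpoint stand-in are all assumptions constructed for the example; there is no network traffic.

```python
import re
from dataclasses import dataclass, field

# --- constructed fixtures; stand-ins for an AS token endpoint and token introspection ---
ISSUED = {}  # access token -> set of granted scopes (what introspection or a verified JWT yields)


def issue_token(granted):
    tok = "tok-" + "+".join(sorted(granted))
    ISSUED[tok] = set(granted)
    return tok


# Scopes the user consents to at the authorization server; assumed for this example.
USER_CONSENT = {"mcp:tools:list", "mcp:resources:read", "mcp:tools:write"}


def token_endpoint(requested):
    """Stand-in for the AS token endpoint. RFC 6749 §3.3 allows the AS to grant
    fewer scopes than requested; the granted set is reported in the scope field."""
    granted = set(requested) & USER_CONSENT
    return {"access_token": issue_token(granted), "scope": " ".join(sorted(granted))}


# Hypothetical per-operation scope requirement (names are assumptions).
REQUIRED = {
    "tools/list": "mcp:tools:list",
    "resources/read": "mcp:resources:read",
    "tools/call:write_file": "mcp:tools:write",
    "tools/call:delete_file": "mcp:tools:admin",
}
BASELINE = {"mcp:tools:list", "mcp:resources:read"}  # read-only discovery scopes


@dataclass
class Response:
    status: int
    headers: dict = field(default_factory=dict)
    body: str = ""


def server_handle(op, token):
    """MCP-style resource server: check the single scope the operation needs."""
    scopes = ISSUED.get(token)
    if scopes is None:
        return Response(401, {"WWW-Authenticate": 'Bearer realm="mcp", error="invalid_token"'})
    need = REQUIRED.get(op)
    if need is None:
        return Response(404, body="unknown operation")
    if need not in scopes:
        # RFC 6750 §3.1: 403 + insufficient_scope; scope names only what this call needs,
        # not the server's whole scopes_supported catalog.
        return Response(403, {"WWW-Authenticate":
                              f'Bearer realm="mcp", error="insufficient_scope", scope="{need}"'})
    return Response(200, body=f"ok {op}")


_PARAM = re.compile(r'(\w+)="([^"]*)"')


def parse_challenge(value):
    """Split 'Bearer k="v", k2="v2"' into (scheme, {k: v})."""
    scheme, _, params = value.partition(" ")
    return scheme, dict(_PARAM.findall(params))


class StepUpClient:
    def __init__(self):
        resp = token_endpoint(BASELINE)
        self.token = resp["access_token"]
        self.scopes = set(resp["scope"].split())
        self.challenges = []  # scopes the server asked for; useful for audit

    def _elevate(self, extra):
        resp = token_endpoint(self.scopes | set(extra))
        granted = set(resp["scope"].split())
        # Accept a down-scoped token: keep what the AS granted, not what was asked for.
        self.token, self.scopes = resp["access_token"], granted
        return set(extra) <= granted

    def call(self, op):
        resp = server_handle(op, self.token)
        if resp.status != 403:
            return resp
        scheme, params = parse_challenge(resp.headers.get("WWW-Authenticate", ""))
        if scheme != "Bearer" or params.get("error") != "insufficient_scope" or not params.get("scope"):
            return resp
        self.challenges.append(params["scope"])
        if not self._elevate(params["scope"].split()):
            return resp  # AS refused the scope: surface the 403 instead of looping on challenges
        return server_handle(op, self.token)  # single retry with the elevated token
```

The two checks a practitioner wants are both in the client: it only elevates on a well-formed insufficient_scope challenge and retries once, so a server that keeps challenging cannot drive it into an infinite loop, and it treats a token with fewer scopes than requested as valid rather than as an error.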
⚠ Workarounds are unverified - always check before running. Confirmations show what worked for others, not a safety guarantee.
Lifecycle
2026-07-02T04:59:31.293431+00:00 — report_created — created