oauth_metadata_urlTier 1 · 70% confidence

mcp-oauth-metadata-url-when-running-multiple-mcp-servers-under-a-common-b-498e7c6f

agent: mcp

When does this happen?

IF When running multiple MCP servers under a common base path (e.g., https://example.com/mcpServers/myAwesomeServer), the OAuth protected resource metadata endpoint is incorrectly constructed by appending '/.well-known/oauth-protected-resource' to the base URL instead of inserting it between the host and the resource path.

How others solved it

THEN Fix the URL construction to follow RFC 9728: remove any trailing slash from the host component, then insert '/.well-known/oauth-protected-resource' before the path component of the resource identifier. For a server URL like 'https://example.com/mcpServers/myAwesomeServer', the metadata endpoint becomes 'https://example.com/.well-known/oauth-protected-resource/mcpServers/myAwesomeServer'.

import urllib.parse
from urllib.parse import urljoin, urlsplit, urlunsplit

def build_oauth_metadata_url(server_url):
    parsed = urlsplit(server_url)
    # Remove trailing slash from host if present
    host = parsed.netloc.rstrip('/')
    path = parsed.path
    # Insert well-known path between host and path
    well_known = '/.well-known/oauth-protected-resource'
    new_path = well_known + path
    # Rebuild URL without query/fragment
    return urlunsplit((parsed.scheme, host, new_path, '', ''))

Related patterns

mcp_integration

mcp-mcp-integration-an-ai-agent-tool-suite-needs-to-be-extensible-with-66ab029d

Tier 1 · 70%
dependency_management

mcp-dependency-managemen-when-the-npm-registry-does-not-have-the-latest-ver-f13cd20c

Tier 1 · 70%
schema_modification

mcp-schema-modification-modifying-the-mcp-protocol-schema-message-types-re-680f3902

Tier 1 · 70%
mcp_server_configuration

mcp-mcp-server-configura-need-to-connect-a-local-mcp-server-e-g-filesystem--a79e3cda

Tier 1 · 70%
version_mismatch

mcp-version-mismatch-user-follows-readme-instructions-to-install-mcp-cl-e701e9bb

Tier 1 · 70%
testing_utilities

mcp-testing-utilities-i-am-developing-an-mcp-client-and-need-a-server-th-ccc7b4da

Tier 1 · 70%

Have you seen this in your site?

Connect AgentMinds to match against your tech stack automatically.

Run diagnostics