/documentation/configuration/authentication/Recent content in Authentication on MCP Toolbox for DatabasesHugoen/documentation/configuration/authentication/google/Mon, 01 Jan 0001 00:00:00 +0000/documentation/configuration/authentication/google/<h2 id="getting-started">Getting Started</h2> <p>Google Sign-In manages the OAuth 2.0 flow and token lifecycle. To integrate the Google Sign-In workflow to your web app <a href="https://developers.google.com/identity/sign-in/web/sign-in">follow this guide</a>.</p> <p>After setting up the Google Sign-In workflow, you should have registered your application and retrieved a <a href="https://developers.google.com/identity/sign-in/web/sign-in#create_authorization_credentials">Client ID</a>. Configure your auth service in with the <code>Client ID</code>.</p> <h2 id="behavior">Behavior</h2> <h3 id="authorized-invocations">Authorized Invocations</h3> <p>When using <a href="/documentation/configuration/tools/#authorized-invocations">Authorized Invocations</a>, a tool will be considered authorized if it has a valid Oauth 2.0 token that matches the Client ID.</p>/documentation/configuration/authentication/generic/Mon, 01 Jan 0001 00:00:00 +0000/documentation/configuration/authentication/generic/<h2 id="getting-started">Getting Started</h2> <p>The Generic Auth Service allows you to integrate with any OpenID Connect (OIDC) compliant identity provider (IDP). It discovers the JWKS (JSON Web Key Set) URL either through the provider&rsquo;s <code>/.well-known/openid-configuration</code> endpoint or directly via the provided <code>authorizationServer</code>.</p> <p>To configure this auth service, you need to provide the <code>audience</code> (typically your client ID or the intended audience for the token), the <code>authorizationServer</code> of your identity provider, and optionally a list of <code>scopesRequired</code> that must be present in the token&rsquo;s claims.</p>