
Support Embedded Auth Server alongside AWS STS token exchange#50

Open
tgrunnagle wants to merge 2 commits into main from embedded-as-with-aws-sts_2026-03-06

Conversation


@tgrunnagle tgrunnagle commented Mar 6, 2026

RFC to support running the embedded authorization server alongside the AWS STS token exchange middleware.

@tgrunnagle tgrunnagle marked this pull request as ready for review March 6, 2026 17:00
@tgrunnagle tgrunnagle requested a review from jhrozek March 6, 2026 17:01

## Summary

Add an `awsStsConfigRef` field to `MCPServerSpec` that references an `MCPExternalAuthConfig` of `type: awsSts`, independently of `externalAuthConfigRef`. This enables the embedded authorization server (`type: embeddedAuthServer`) to be used alongside AWS STS outgoing credential signing in the same proxy runner pipeline, which is not possible today.

Hmm, would the AWS STS work with MCPServer at all? I've only ever tested that with MCPRemoteProxy. And looking at the STS code, it does require a RemoteURL.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

More context: the reason the STS context requires a remote URL is that with AWS STS, all HTTP messages carry an AWS-HMAC-SHA header that also encodes the target host. So the AWS STS can't work without a remote URL. Was the intent to add a remote URL to MCPServer as well?
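The host binding mentioned in the comment above is a property of AWS Signature Version 4 (the `AWS4-HMAC-SHA256` Authorization header): the `Host` header is part of the canonical request that gets signed, so a signature produced for one target is invalid for any other. The following is an added illustration, not code from this PR or from toolhive; the secret key, hosts and timestamp are constructed sample values.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"strings"
)

// hmacSHA256 returns the raw HMAC-SHA256 of msg under key.
func hmacSHA256(key []byte, msg string) []byte {
	m := hmac.New(sha256.New, key)
	m.Write([]byte(msg))
	return m.Sum(nil)
}

// sha256Hex returns the lowercase hex SHA-256 digest of s.
func sha256Hex(s string) string {
	sum := sha256.Sum256([]byte(s))
	return hex.EncodeToString(sum[:])
}

// SigV4Signature computes the AWS Signature Version 4 signature for a minimal
// request whose signed headers are host and x-amz-date. Because the host is
// folded into the canonical request, re-targeting the request breaks the signature.
func SigV4Signature(secret, method, path, host, amzDate, region, service, payload string) string {
	date := amzDate[:8] // YYYYMMDD portion of the ISO 8601 basic timestamp
	canonicalHeaders := "host:" + host + "\n" + "x-amz-date:" + amzDate + "\n"
	signedHeaders := "host;x-amz-date"
	canonicalRequest := strings.Join([]string{
		method, path, "" /* empty canonical query string */, canonicalHeaders, signedHeaders, sha256Hex(payload),
	}, "\n")
	scope := strings.Join([]string{date, region, service, "aws4_request"}, "/")
	stringToSign := strings.Join([]string{
		"AWS4-HMAC-SHA256", amzDate, scope, sha256Hex(canonicalRequest),
	}, "\n")
	// Derive the signing key: secret -> date -> region -> service -> aws4_request.
	kDate := hmacSHA256([]byte("AWS4"+secret), date)
	kRegion := hmacSHA256(kDate, region)
	kService := hmacSHA256(kRegion, service)
	kSigning := hmacSHA256(kService, "aws4_request")
	return hex.EncodeToString(hmacSHA256(kSigning, stringToSign))
}

func main() {
	// Constructed sample secret and hosts; not real credentials or endpoints.
	const secret = "EXAMPLEsecretKeyNotReal0000000000000000"
	a := SigV4Signature(secret, "POST", "/", "bedrock-runtime.us-east-1.amazonaws.com", "20260306T170000Z", "us-east-1", "bedrock", "{}")
	b := SigV4Signature(secret, "POST", "/", "internal.example.com", "20260306T170000Z", "us-east-1", "bedrock", "{}")
	fmt.Println("same signature for different hosts:", a == b) // false
}
```

Only the host differs between the two calls, yet the signatures diverge, which is why a proxy signing outbound requests has to know the final remote URL before signing.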


...cannot configure both in the operator. They must use one or the other.

This affects any team deploying an MCP server in front of an AWS-backed service (e.g., Amazon Bedrock, AWS Lambda, internal services secured with IAM) while also wanting a proper OAuth 2.0 client authentication flow for the MCP client side.

Having the vMCP work in mind, which will hit exactly the same issue, I wonder if we should rather head in the opposite direction and keep the ExternalAuth CRD strictly for the MCPServer-to-backend API and add a new CRD for the auth server config. Then the MCP server would define:

    authServerRef:
      name: my-auth-server        # Identity
    externalAuthConfigRef:
      name: my-sts-config         # Outgoing: AWS STS

where my-auth-server would point to:

    apiVersion: toolhive.stacklok.com/v1alpha1
    kind: MCPAuthServerConfig  # Or inline in MCPServer spec if we wanted to
    metadata:
      name: my-auth-server
    spec:
      issuerURL: https://...
      upstreams: [...]

This would allow us to compose the configuration more freely and express combinations like auth server + RFC token exchange, auth server + Entra OBO, auth server + static header injection, etc. without any other changes to the CRDs.
