# AuthPlane Docs > Self-hosted OAuth 2.1 authorization server purpose-built for the Model Context Protocol (MCP). Spec-compliant, single Go binary, federates to your existing IdP. License AGPL-3.0; SDKs for Python, TypeScript, and Go. These docs describe how to run AuthPlane, the concepts behind it, and how to wire an MCP server to it. The full markdown for every page is available in one request at [llms-full.txt](https://docs.authplane.ai/llms-full.txt). ## Getting started - [Introduction](https://docs.authplane.ai/introduction/): What AuthPlane is, what problem it solves, and how to read these docs. - [Quickstart](https://docs.authplane.ai/quickstart/): Running OAuth 2.1 + MCP authorization server with a live SDK-protected resource in ten minutes. - [Your first MCP server](https://docs.authplane.ai/first-mcp-server/): Walk through the Quickstart snippet line by line — what each SDK call does, and how to extend it. - [Choose your topology](https://docs.authplane.ai/choose-your-topology/): Pick the deployment shape that matches your setup — single agent, gateway, brokered upstream, or enterprise federated. ## Concepts - [Architecture](https://docs.authplane.ai/concepts/architecture/): Hexagonal layers, request flow, domain model, storage, and observability — what actually runs when you start the AuthPlane binary. - [Resource servers & PRM](https://docs.authplane.ai/concepts/resource-servers-prm/): Your MCP server is an OAuth 2.1 resource server. RFC 9728 Protected Resource Metadata is how it tells clients where to authenticate. What the SDKs publish for you. - [Grants & flows](https://docs.authplane.ai/concepts/grants-and-flows/): The five OAuth grants AuthPlane implements — auth code + PKCE, refresh, client credentials, token exchange, JWT bearer — and when to use each. - [Token Vault](https://docs.authplane.ai/concepts/token-vault/): The mental model behind Broker resources — how AuthPlane stores third-party OAuth refresh grants encrypted at rest and vends short-lived upstream access tokens on demand. - [Delegation & act-chain](https://docs.authplane.ai/concepts/delegation-act-chain/): RFC 8693 act-claim semantics — how AuthPlane records every hop when one agent calls another that calls a third, so the full delegation chain is reconstructable from any exchanged token. - [DPoP](https://docs.authplane.ai/concepts/dpop/): The mental model — bearer tokens are house keys, DPoP-bound tokens are keys tied to your fingerprint. RFC 9449 in one page. Deep spec detail in Security. - [Cross-App Access (XAA)](https://docs.authplane.ai/concepts/xaa/): The mental model — your enterprise IdP asserts agent identity via a signed JWT (ID-JAG), AuthPlane accepts it and mints an MCP token. Skips per-user consent for policy-approved agents. - [Agent identity](https://docs.authplane.ai/concepts/agent-identity/): AuthPlane extensions — agent_id and agent_chain claims in every JWT. Which agent is calling your MCP server + the full agent chain in multi-agent flows. ## SDKs - [SDKs overview](https://docs.authplane.ai/sdks/overview/): Which AuthPlane SDK adapter to use for your MCP framework — Python, TypeScript, Go — plus the feature matrix and install commands. - [Python](https://docs.authplane.ai/sdks/python/): Three Python packages — authplane-mcp (official MCP SDK), authplane-fastmcp (PrefectHQ), and authplane core primitives — with the caveats you need to know. - [TypeScript](https://docs.authplane.ai/sdks/typescript/): Five @authplane/* packages — mcp (official SDK), fastmcp (punkpeye), hono, nestjs, and core — with quickstarts and the API surface you need. - [Go](https://docs.authplane.ai/sdks/go/): Four Go modules — authplanemcp (official MCP SDK), mark3labs, http (any net/http server), and core primitives. ## Guides - [Connect an MCP client](https://docs.authplane.ai/guides/connect-mcp-client/): Point Claude Desktop, Cursor, VS Code Copilot, or MCP Inspector at your AuthPlane-protected MCP server — configs and known quirks per client. - [Federate to your IdP](https://docs.authplane.ai/guides/federate-idp/): Delegate user authentication to Google Workspace, Okta, Entra ID, Auth0, or any OIDC provider — AuthPlane still issues the MCP tokens. - [Enable DPoP end-to-end](https://docs.authplane.ai/guides/enable-dpop/): Turn on RFC 9449 sender-constrained tokens across AuthPlane and your SDK — with the reverse-proxy and Python fastmcp gotchas that trip people up. - [Testing with MCP Inspector](https://docs.authplane.ai/guides/mcp-inspector/): Use the official MCP Inspector as a fast smoke test — verify PRM discovery, DCR, PKCE, consent, tool calls, and scope enforcement end to end. - [Wire up the Token Vault](https://docs.authplane.ai/guides/token-vault/): End-to-end setup for vending upstream OAuth tokens (GitHub, Slack, Google) from your MCP tools — encryption, broker providers, Connect flow, URL elicitation. - [Upstream connections](https://docs.authplane.ai/guides/upstream-connections/): Register broker providers of three protocol types (oauth, apikey, service_account), configure the Connect flow, and understand the three-bound consent model. - [Enterprise-Managed Auth (XAA)](https://docs.authplane.ai/guides/xaa/): End-to-end setup for JWT Bearer + the ID-JAG assertion profile (emerging IETF draft) — your enterprise IdP asserts agent identity, AuthPlane mints MCP tokens without per-user consent. - [Runtime client binding](https://docs.authplane.ai/guides/runtime-client-binding/): policy.runtime.client_ids — declare which OAuth client_ids are authorized to act AS a given Mint resource. Default-deny; used by the broker actor-attestation gate. - [Monitoring & observability](https://docs.authplane.ai/guides/monitoring/): Prometheus scrape config, alerting rules, structured logging, and OpenTelemetry traces — full observability wiring across every AuthPlane deployment mode. - [Admin API guide](https://docs.authplane.ai/guides/admin-api/): Task-focused walkthroughs for the Admin API and CLI — register a client, rotate keys, revoke tokens, inspect issuances, manage broker providers. ## Deployment topologies - [Agent + single MCP](https://docs.authplane.ai/topologies/single-mcp/): The canonical baseline — one agent, one MCP server, one user, OAuth 2.1 authorization-code + PKCE, per-user audit. - [Agent + multiple MCPs (Direct fanout)](https://docs.authplane.ai/topologies/direct-fanout/): One agent, N MCPs, one user — per-MCP consent, per-MCP audience-bound tokens. Simplest multi-resource shape. - [Agent + brokered MCP](https://docs.authplane.ai/topologies/broker-mcp/): MCP wraps an upstream OAuth provider (Google, GitHub, Slack) — AuthPlane vends upstream tokens per request via RFC 8693 token exchange. Three-bound consent. - [Backend service + MCP (no user)](https://docs.authplane.ai/topologies/m2m-client-credentials/): Machine-to-machine — a backend worker, CI pipeline, or automated agent calls an MCP as itself. Client credentials grant, no user, no consent screen. - [Folded resource (internal services behind one MCP)](https://docs.authplane.ai/topologies/folded-resource/): Multiple internal services hidden behind a single MCP boundary. AuthPlane sees one Resource; the MCP fans out privately using its own service-mesh auth. - [Client-credentials hop](https://docs.authplane.ai/topologies/client-credentials-hop/): Gateway calls hidden infra as ITSELF using client_credentials on the second hop — deliberately drops user context. Use when downstream doesn't need user identity. - [MCP gateway → hidden Mint](https://docs.authplane.ai/topologies/mcp-gateway-mint/): A gateway fronts a hidden MCP. AuthPlane issues JWTs to the gateway carrying an act-claim chain naming the downstream. User identity + agent chain preserved end to end. - [MCP gateway → broker](https://docs.authplane.ai/topologies/mcp-gateway-broker/): A gateway fronts an upstream-IdP-backed service. AuthPlane vends the upstream bearer to the gateway, which forwards it to the third-party API. - [OIDC-federated user login](https://docs.authplane.ai/topologies/oidc-federated-login/): Users sign in via Google Workspace / Okta / Entra ID / Auth0 / any OIDC provider. AuthPlane never sees passwords; still issues the MCP tokens. - [Enterprise-Asserted Agent Identity (XAA)](https://docs.authplane.ai/topologies/enterprise-xaa/): Corporate IdP signs a JWT asserting the agent's identity. AuthPlane accepts it via jwt-bearer grant (RFC 7523) and mints an MCP token — no per-user consent screen. ## Operate - [Operate overview](https://docs.authplane.ai/operate/overview/): Pick the deployment mode that fits your environment — standalone binary, Docker Compose, or Kubernetes — with the trade-offs laid out. - [Docker Compose](https://docs.authplane.ai/operate/docker-compose/): Production-grade Docker Compose files for AuthPlane — SQLite single-instance and PostgreSQL multi-instance-ready, plus Caddy for automatic TLS. - [Kubernetes (Helm)](https://docs.authplane.ai/operate/kubernetes/): Production-grade Helm chart for AuthPlane — PostgreSQL/SQLite storage, OIDC federation, Vault Transit signing, split ingress for OAuth and admin, and OTEL observability. - [Standalone binary](https://docs.authplane.ai/operate/standalone/): Run AuthPlane as a Linux binary under systemd — dedicated user, keyfile signing, reverse proxy, hardened service unit. - [Vault Transit signing](https://docs.authplane.ai/operate/vault-transit/): Delegate JWT signing to HashiCorp Vault Transit — private keys never leave Vault, audit trail per signing operation, FIPS-ready with HSM-backed Vault. - [Backup, upgrade, purge](https://docs.authplane.ai/operate/backup-upgrade-purge/): Data lifecycle for AuthPlane — backup by storage driver, upgrade path with semver, and scheduling authserver purge across systemd, Docker, and Kubernetes. ## Reference - [Configuration](https://docs.authplane.ai/reference/configuration/): Every configuration key AuthPlane exposes — YAML shape, environment variable mapping, defaults, and semantics. - [Public API](https://docs.authplane.ai/reference/public-api/): OpenAPI reference for AuthPlane's public OAuth 2.1 endpoints — /oauth/*, /.well-known/*, /oidc/*, /connect/*, /health. - [Admin API](https://docs.authplane.ai/reference/admin-api/): OpenAPI reference for AuthPlane's admin surface on :9001 — clients, users, resources, providers, grants, issuances, signing keys, audit, XAA. - [RFC compliance](https://docs.authplane.ai/reference/rfc-compliance/): Every RFC AuthPlane implements — coverage, intentional deviations, and where each one shows up on the wire. - [Errors](https://docs.authplane.ai/reference/errors/): Complete error catalog — OAuth error codes, WWW-Authenticate patterns (Bearer + DPoP), RFC 9457 problem+json envelope, MCP JSON-RPC -32042, and top-20 symptom→fix table. - [Metrics & CLI](https://docs.authplane.ai/reference/metrics-and-cli/): Complete catalog of AuthPlane's Prometheus/OTel metrics + every authserver CLI command with its flags. ## Security - [Threat model](https://docs.authplane.ai/security/threat-model/): The 16 threats AuthPlane is designed to resist, with the specific mitigation for each and what to monitor to detect real attacks. - [Token design](https://docs.authplane.ai/security/token-design/): Five token types AuthPlane issues — access (JWT), refresh (opaque), machine (JWT), exchanged (JWT), auth code (opaque) — with the design reasoning behind each choice. - [DPoP](https://docs.authplane.ai/security/dpop/): RFC 9449 deep dive — proof structure, algorithms, nonce flow, HTU derivation, and every security invariant AuthPlane enforces on inbound proofs. - [Key management](https://docs.authplane.ai/security/key-management/): Signing key lifecycle, storage backends (keyfile / postgres_key / vault_transit), rotation semantics, algorithm choice, and JWKS caching. - [Reporting vulnerabilities](https://docs.authplane.ai/security/reporting-vulnerabilities/): How to report a security issue in AuthPlane privately, what's in scope, and the response SLAs. ## FAQ & Troubleshooting - [FAQ](https://docs.authplane.ai/troubleshooting/faq/): Common questions teams ask before they deploy AuthPlane — positioning, compliance, deployment, capacity, and operational concerns. - [Common errors](https://docs.authplane.ai/troubleshooting/common-errors/): The top-20 errors AuthPlane operators actually hit, each with cause and fix. Everything else in the full catalog at Reference: Errors. - [Debugging checklist](https://docs.authplane.ai/troubleshooting/debugging/): End-to-end debugging checklist for when something is broken and you don't know at which layer — from health checks to token decode to trace correlation. - [Getting help](https://docs.authplane.ai/troubleshooting/getting-help/): GitHub Issues, Discussions, security disclosures, and what to include in a bug report so the maintainers can help fast. ## Project - Marketing: https://authplane.ai/ - Source: https://github.com/authplane/authserver (AGPL-3.0) - Releases: https://github.com/authplane/authserver/releases - OpenAPI specs: [public API](https://docs.authplane.ai/api/public-api.yaml), [admin API](https://docs.authplane.ai/api/admin-api.yaml) - Spec: MCP Authorization 2025-11-25; OAuth 2.1; PKCE-S256 mandatory; DPoP per RFC 9449. - Security disclosures: [reporting guide](https://docs.authplane.ai/security/reporting-vulnerabilities/) — GitHub Private Vulnerability Reporting preferred.