Skip to Content

OW MCP OAuth 2.1

by
Odoo
v 18.0 Third Party 9
Download for v 18.0 Deploy on Odoo.sh
Availability
Odoo Online
Odoo.sh
On Premise
Community Apps Dependencies
Lines of code 3738
Technical Name ow_mcp_oauth
LicenseLGPL-3
Websitehttps://www.openworx.nl
You bought this module and need support? Click here!

OAuth 2.1 + Dynamic Client Registration for OW MCP Server.

Bolts the OAuth 2.1 Authorization Server endpoints required by the MCP Authorization spec (rev 2025-06-18) onto ow_mcp_server, so remote-MCP clients (Claude.ai Connectors, Claude Desktop Custom Connectors, ChatGPT Developer Mode) can connect to a self-hosted Odoo MCP server directly — no stdio→HTTP bridge, no static API key.

Endpoints (8): /.well-known/oauth-protected-resource (RFC 9728), /.well-known/oauth-authorization-server (RFC 8414), /ow_mcp/oauth/jwks.json (RFC 7517), /ow_mcp/oauth/register (RFC 7591 DCR), /ow_mcp/oauth/authorize (RFC 6749 §4.1 + RFC 7636 PKCE S256 + RFC 8707 resource), /ow_mcp/oauth/token (authorization_code + refresh_token with rotation), /ow_mcp/oauth/revoke (RFC 7009). Tokens: RS256 JWT access tokens (RFC 9068, audience-bound) and opaque refresh tokens with reuse-detection (OAuth 2.1 §4.3.1). Scopes: mcp:read, mcp:write — gated per tool inside the MCP dispatcher. The existing User API Keys (scope: mcp) keep working unchanged; both authentication modes coexist.

Requires: pip install 'pyjwt[crypto]'.

Please log in to comment on this module

  • The author can leave a single reply to each comment.
  • This section is meant to ask simple questions or leave a rating. Every report of a problem experienced while using the module should be addressed to the author directly (refer to the following point).
  • If you want to start a discussion with the author, please use the developer contact information. They can usually be found in the description.
Please choose a rating from 1 to 5 for this module.