<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Bearer Token on</title><link>https://eunus.dev/tags/bearer-token/</link><description>Recent content in Bearer Token on</description><generator>Hugo -- gohugo.io</generator><lastBuildDate>Thu, 02 Jul 2026 00:00:00 +0600</lastBuildDate><atom:link href="https://eunus.dev/tags/bearer-token/index.xml" rel="self" type="application/rss+xml"/><item><title>Model Context Protocol Series 2A — OAuth 2.1 for MCP: Connecting Claude to Your Real Users with OpenIddict</title><link>https://eunus.dev/blog/model-context-protocol-series-2a-oauth-2.1-for-mcp-connecting-claude-to-your-real-users-with-openiddict/</link><pubDate>Thu, 02 Jul 2026 00:00:00 +0600</pubDate><guid>https://eunus.dev/blog/model-context-protocol-series-2a-oauth-2.1-for-mcp-connecting-claude-to-your-real-users-with-openiddict/</guid><description>Series 1 ended with a working MCP server — but every tool call it made to the backend used a service account with admin access and no tenant context. Which means Claude could, in theory, pull data from any tenant in the system. No audit trail. No permission boundaries. Just a skeleton key with your API&amp;rsquo;s address on it.
That&amp;rsquo;s not a security model. That&amp;rsquo;s a liability.
This post replaces the service account with OAuth 2.</description></item></channel></rss>