-
-
Notifications
You must be signed in to change notification settings - Fork 0
Home
Dick Davis edited this page Jan 24, 2026
·
11 revisions
Welcome to the TokenAuthority wiki. This documentation covers advanced configuration and customization topics.
- Installation Guide - Generator options, custom table names, database tables
- MCP Quickstart - Complete setup guide for MCP server developers
- Configuration Reference - All configuration options explained
- Process Flows - OAuth authorization, token management, discovery, and registration flows
- User Authentication - Custom authentication setups
- Protecting API Endpoints - Token validation and error handling
- Customizing Views - Styling consent screens and error pages
- Event Logging - Structured event logging for monitoring and debugging
- Instrumentation - Performance monitoring with ActiveSupport::Notifications
- Manual Testing - Testing the OAuth flow with the dummy app
For basic setup instructions, see the README.
TokenAuthority implements the OAuth standards specified in the MCP Authorization Specification:
| Status | Standard |
|---|---|
| Supported | OAuth 2.1 IETF DRAFT |
| Supported | OAuth 2.0 Authorization Server Metadata (RFC 8414) |
| Supported | OAuth 2.0 Resource Indicators (RFC 8707) |
| Supported | OAuth 2.0 Dynamic Client Registration Protocol (RFC 7591) |
| Supported | OAuth 2.0 Protected Resource Metadata (RFC 9728) |
| Supported | OAuth Client ID Metadata Documents |
Getting Started
- Installation Guide
- MCP Quickstart
- Configuration Reference
- User Authentication
- Protecting API Endpoints
- Customizing Views
- Event Logging
- Instrumentation
Process Flows
- Authorization Code Grant
- Authorization Code Redemption
- Token Refresh
- Token Revocation
- Authorization Server Metadata
- Protected Resource Metadata
- Dynamic Client Registration
- Client Metadata Documents
Development