Authentication models

MintMCP separates how users authenticate to MCP servers from how those servers authenticate to downstream services. This means you can pick the right security model per tool without users managing secrets.

Connector authentication

Two models for how MCP connectors authenticate to downstream services:

Model                | How it works                         | Use when
---------------------|--------------------------------------|----------------------------------------------------------------
Per-user credentials | Each user authenticates individually | Personal data (email, calendar), per-user permissions
Shared credentials   | One service account for all users    | Read-only data, knowledge bases, systems without per-user auth

Per-user credentials

MintMCP forwards each user's identity to the underlying service. It stores OAuth tokens securely and refreshes them automatically.

Example: A Gmail connector prompts each employee to authorize during first use. MintMCP stores the OAuth refresh token and uses it only when that user calls a Gmail tool.

Shared credentials

Admins upload service-account tokens once. MintMCP decides which users can trigger those tools based on policy—the secret never reaches the user.

Example: A Snowflake connector uses a warehouse service account. MintMCP controls which schemas each role can query.

Mixing models

You can use both in a single MCP server: per-user for Gmail and Slack, shared for read-only analytics. The user experience stays consistent.

Client authentication

OAuth

Every MCP server exposes an OAuth 2.0 endpoint. AI clients use this to get access tokens representing the user and the selected MCP server.

Enterprise SSO

Enterprise customers can delegate authentication to their identity provider. We support Okta, Google Workspace, Azure AD, and other SAML/OIDC providers. See SSO configuration for setup.

Access control

Admins layer role-based or attribute-based policies on top of OAuth. These policies control:

  • Which MCP servers a user can see
  • Which connectors each server exposes
  • What parameters tools can accept

Audit logs

Every call produces audit logs with user identity, MCP server, connector, tool, and payload metadata. Export to your SIEM for SOX, SOC 2, HIPAA, or internal reporting.
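The following is an added illustration of the connector-authentication, access-control and audit-log behaviour described above, written as a small Python model of a gateway. It is not MintMCP's own code; the connector names, roles, tokens and the audit fields are constructed placeholders, and logging only payload argument names as "payload metadata" is an assumption.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

# Constructed sample state; every name and token below is a hypothetical placeholder.
CONNECTORS: Dict[str, dict] = {
    "gmail": {"model": "per_user"},  # each user authorizes individually
    "snowflake": {                   # one service account, gated by policy
        "model": "shared",
        "secret": "PLACEHOLDER_SERVICE_ACCOUNT_TOKEN",
        "allowed_roles": {"analyst"},
    },
}
USER_TOKENS: Dict[Tuple[str, str], str] = {("alice", "gmail"): "PLACEHOLDER_ALICE_REFRESH_TOKEN"}
USER_ROLES: Dict[str, Set[str]] = {"alice": {"analyst"}, "bob": {"support"}}

@dataclass
class AuditRecord:
    user: str
    server: str
    connector: str
    tool: str
    decision: str
    payload_keys: List[str]  # metadata only: argument names, never argument values

AUDIT_LOG: List[AuditRecord] = []

def resolve_credential(user: str, connector: str) -> Tuple[Optional[str], str]:
    """Pick the downstream credential for this user/connector pair and explain the outcome."""
    cfg = CONNECTORS[connector]
    if cfg["model"] == "per_user":
        token = USER_TOKENS.get((user, connector))
        return (token, "allowed") if token else (None, "authorization_required")
    # Shared model: policy decides who may trigger the tool; the secret stays server-side.
    if cfg["allowed_roles"] & USER_ROLES.get(user, set()):
        return cfg["secret"], "allowed"
    return None, "denied_by_policy"

def call_tool(user: str, server: str, connector: str, tool: str, payload: dict) -> dict:
    """Gateway entry point: authorize, record an audit entry, then call downstream."""
    credential, decision = resolve_credential(user, connector)
    AUDIT_LOG.append(AuditRecord(user, server, connector, tool, decision, sorted(payload)))
    if credential is None:
        return {"ok": False, "reason": decision}
    # The credential is consumed here for the downstream call and never returned to the client.
    return {"ok": True, "result": f"{tool} executed via {connector}"}
```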