TheDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/joseluis-dev/harness-ai/llms.txt
Use this file to discover all available pages before exploring further.
mcp-auth-service is the central OAuth 2.1 authority for all Harness AI components. Every MCP connector, runtime worker, and gateway service that calls a protected resource must present a Bearer token issued by this service. Tokens encode the caller’s identity, permitted scopes, and the server-assigned risk_level_cap — no client can elevate its own permissions by crafting a custom claim. All token operations are recorded in audit_auth_events for compliance review.
POST /oauth/token
Exchanges client credentials for a Bearer access token using the client_credentials grant.
Request
Tokens must never be sent in query strings. The only accepted transport is the
Authorization: Bearer header on subsequent requests. The mcp-auth-service rejects requests with tokens in query parameters.Response — 200 OK
Signed JWT. Verify locally against
/.well-known/jwks.json using the kid claim before each outbound call.Always
"Bearer".Token lifetime in seconds from issuance.
Space-separated list of scopes that were actually granted. May be a subset of what was requested if the client’s
allowed_scopes are narrower.Response — 401 Unauthorized (invalid credentials)
Response — 400 Bad Request (scope not permitted)
JWT Claims Reference
The access token is a signed JWT. Theauth-sdk validates the signature locally against /.well-known/jwks.json before any outbound call. Use /oauth/introspect only when the kid is unknown or the token is near expiry.
Issuer URL of the
mcp-auth-service (e.g. http://mcp-auth-service:8000). Must match the value configured in the auth-sdk.The
client_id of the technical client that requested this token.Intended audience — the
tool_registry resource (e.g. urn:harness:tool-registry). Recipients must validate this claim.Expiration timestamp. Validated by the
auth-sdk on every use. Expired tokens return 401 with error="invalid_token".Issuance timestamp.
Unique identifier for this token. Used by the revocation endpoint and stored in
audit_auth_events to enable per-token audit queries.Space-separated list of granted scopes (e.g.
sql:read sql:list_views). Resource servers must check that the required scope is present before serving a request.Maximum
risk_level this client is permitted to trigger. Set exclusively by the mcp-auth-service from oauth_clients.risk_level_cap in harness_auth_db. Clients cannot request or influence this claim — it is server-side only.Key ID used to sign this token. Enables key rotation: when a new signing key is introduced, existing tokens with the old
kid continue to be valid until expiry.WWW-Authenticate Header Format
All 401 responses from protected resources include a WWW-Authenticate header. The format follows RFC 6750 with Harness-specific extensions.
Token expired
Variants
| Scenario | error value | Notes |
|---|---|---|
| Token absent or malformed | (none) | WWW-Authenticate: Bearer realm="harness" — no error param. |
| Token expired | invalid_token | error_description is clear; no internal details exposed. |
| Token revoked | invalid_token | Same format as expired; the revocation reason is written to audit_auth_events only. |
| Scope insufficient | insufficient_scope | Adds scope="<required_scope>" when the required scope can be safely disclosed. |
| Client not active | invalid_client | Filtered to the requesting client_id; no information about other clients is exposed. |
POST /oauth/introspect
Checks the active state and claims of a token. Used by the auth-sdk when the kid is unknown or when the token is near expiry. Callers must authenticate with their own credentials.
Request
Response
active is false, only {"active": false} is returned — no other claims are disclosed for inactive tokens.
POST /oauth/revoke
Immediately invalidates a token. Subsequent uses of the revoked jti return 401 invalid_token. Revocation is recorded in audit_auth_events with type=token.revoked.
Request
Response
200 OK with an empty body. The revocation is always acknowledged with 200 regardless of whether the token was previously active, per RFC 7009.
audit_auth_events Schema
Every token operation — issuance, use, denial, revocation, and client lifecycle events — produces a row in audit_auth_events. This table is the compliance record for the authentication subsystem.
| Column | Type | Description |
|---|---|---|
id | bigserial | Primary key. |
type | enum | token.issued | token.used | token.denied | token.revoked | client.created | client.rotated | client.suspended. |
client_id | text (nullable) | The affected client. |
scope | text (nullable) | The scope requested or used in this event. |
tool_name | text (nullable) | The technical_name of the tool registry entry when the event is associated with a specific tool call. |
operation | text (nullable) | The specific operation within the tool (e.g. execute_query). |
decision | enum | allow | deny | require_approval. |
reason | text | Controlled institutional message — never free-form or user-concatenated. |
source_ip | inet | Origin IP address when available. |
execution_id | uuid (nullable) | Correlation with the executions and audit_events tables in harness_db. The client populates this field; the mcp-auth-service itself does not know about executions. |
created_at | timestamp | Timestamp of the event. |
HTTP Transport Rules
Clients request only the
scope they need. The risk_level_cap claim is computed server-side from oauth_clients.risk_level_cap in harness_auth_db — clients cannot include it in the token request. If the requested scope exceeds oauth_clients.allowed_scopes, the service returns invalid_scope or degrades to the maximum permitted scope when the tool’s policy explicitly allows degradation.