Summary
Remove the current static bearer-token transport model from the MCP service and replace it with Better Auth-backed validation and server-side scope resolution.
Why this work is needed
The current MCP boundary still depends on static bearer auth and partially caller-supplied scope fields. That is not the target auth model for the platform.
Scope
- Replace static bearer validation.
- Validate Better Auth-issued credentials in the MCP server.
- Resolve effective role and visibility scope server-side.
- Stop trusting caller-supplied role and allowed-visibility fields once authenticated caller context is available.
- Add tests for valid credentials, invalid credentials, and scope clamping.
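How the scope items above fit together in code, as an added illustration that is not the project's own implementation: the session shape, the role-to-visibility policy table and the token lookup are assumptions standing in for whatever Better Auth returns; the point is that role comes only from the verified session and caller-supplied visibility can narrow the server-derived set but never widen it.

```typescript
// Added example, not project code. Assumes credential verification has already
// produced a server-trusted session of this shape (the real source is Better Auth).
type Visibility = "public" | "internal" | "confidential";
type Role = "viewer" | "member" | "admin";

interface VerifiedSession { userId: string; role: Role; }

// Untrusted request body: role and allowedVisibility may be supplied by the caller.
interface RetrievalRequest {
  query: string;
  role?: string;
  allowedVisibility?: string[];
}

interface EffectiveScope { userId: string; role: Role; visibility: Visibility[]; }

// Hypothetical server-side policy: which visibility levels each role may read.
const ROLE_VISIBILITY: Record<Role, Visibility[]> = {
  viewer: ["public"],
  member: ["public", "internal"],
  admin: ["public", "internal", "confidential"],
};

// Stand-in for the Better Auth session lookup, using a constructed token table.
const SESSIONS = new Map<string, VerifiedSession>([
  ["tok-member-1", { userId: "u1", role: "member" }],
]);

function verifyCredential(token: string | undefined): VerifiedSession | null {
  if (!token) return null;
  return SESSIONS.get(token) ?? null; // unknown or malformed token -> no session
}

// Effective scope is derived from the verified session only. The caller's
// role field is ignored entirely; the caller's allowedVisibility is clamped to
// the intersection with what the server permits for the session's role.
function resolveEffectiveScope(session: VerifiedSession | null, req: RetrievalRequest): EffectiveScope {
  if (!session) throw new Error("unauthenticated: no valid session");
  const serverAllowed = ROLE_VISIBILITY[session.role];
  const requested = req.allowedVisibility;
  const visibility = requested === undefined
    ? serverAllowed
    : serverAllowed.filter((v) => requested.includes(v));
  return { userId: session.userId, role: session.role, visibility };
}

// Convenience wrapper mirroring the MCP request path: credential -> session -> scope.
function authorizeRetrieval(token: string | undefined, req: RetrievalRequest): EffectiveScope {
  return resolveEffectiveScope(verifyCredential(token), req);
}
```

The three test cases named in the scope map directly onto this: a valid token yields a clamped scope, an invalid token is rejected before any scope is computed, and a request asking for more than the role permits gets only the intersection.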
Out of scope
- Frontend UX.
- Reworking the retrieval SDK contract beyond what auth enforcement requires.
Acceptance criteria
- Static bearer auth is no longer the long-term MCP path.
- MCP validates Better Auth-backed credentials.
- Effective retrieval scope is server-derived and test-covered.
Dependencies