Authentication flow for the AgentFlow MCP Server
Learn how the AgentFlow MCP Server uses OAuth 2.0 with PKCE to authorize client access to context-aware tools.
The AgentFlow MCP Server uses OAuth 2.0 Authorization Code Flow with PKCE to authenticate users and agents. This flow ensures secure, auditable, and context-aware access to Reltio APIs. All interactions with MCP tools require a valid access token issued by the Reltio Authentication Server.
- Tokens are tenant-scoped and short-lived for secure session control.
- Only users with the `ROLE_EXECUTE_MCP` role, or any role that includes the `agentflow.mcp.EXECUTE` permission, can invoke MCP tools. This requires provisioning by your tenant administrator.
- All API calls are governed by Reltio's Permissions Framework and logged in the Activity Log.
- PKCE ensures compatibility with both browser and headless agent clients.
Authentication workflow
- User prompt: A user agent (browser) initiates the flow with a user prompt. The MCP client picks up this prompt and initiates tool discovery via the LLM.
- Tool discovery: The MCP client communicates with the LLM to find an appropriate tool using the Tool Find API (Message API). Once identified, the MCP tool is selected.
- MCP tool access attempt (without token): The MCP client tries to invoke the MCP tool by calling the AgentFlow MCP Server. Since no token is provided, it receives a `401 Unauthorized` response with a `WWW-Authenticate` header pointing to the OAuth discovery endpoint.
- OAuth discovery: The MCP client sends a `GET` request to the OAuth metadata endpoint. The server responds with supported endpoints and methods.
- PKCE generation: The MCP client generates a `code_challenge` and `code_verifier` as part of the Proof Key for Code Exchange (PKCE) process.
- User redirection to authorization: The MCP client constructs an authorization URL including the `code_challenge` and redirects the user (via browser) to the Reltio Auth Server.
- User authentication: The Reltio Auth Server prompts the user to sign in and approve access.
- Redirect with authorization code: After successful login, the user is redirected back to the client's callback URL along with the `authorization_code`.
- Token exchange: The MCP client exchanges the `authorization_code` and `code_verifier` for an access token from the Reltio Auth Server.
- MCP tool access (authenticated): The MCP client resends the request to the MCP Server, this time including the access token.
- Token validation: The MCP Server validates the access token by calling the `checkToken` endpoint on the Reltio Auth Server.
- Final tool invocation: With the token validated, the MCP Server invokes the corresponding Reltio API.
- Response to user: The MCP Server sends the response to the MCP client, which relays it to the user agent (browser).
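The PKCE steps above (generation, authorization URL, token exchange, and the server-side verifier check), as an added Python example that is not part of Reltio's SDK or documentation. The authorize URL, client ID and redirect URI are placeholders; a real client takes them from the OAuth metadata endpoint discovered via the `WWW-Authenticate` header.

```python
import base64
import hashlib
import secrets
from urllib.parse import urlencode

# Placeholders (assumptions): real values come from the OAuth metadata endpoint.
AUTHORIZE_URL = "https://auth.example.invalid/oauth/authorize"
CLIENT_ID = "mcp-client-example"
REDIRECT_URI = "http://localhost:8765/callback"


def _b64url(data: bytes) -> str:
    """base64url without padding, as RFC 7636 requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def make_pkce_pair(nbytes: int = 32) -> tuple[str, str]:
    """Return (code_verifier, code_challenge) using the S256 method.
    32 random bytes give a 43-character verifier, the RFC minimum."""
    verifier = _b64url(secrets.token_bytes(nbytes))
    challenge = _b64url(hashlib.sha256(verifier.encode("ascii")).digest())
    return verifier, challenge


def build_authorization_url(code_challenge: str, state: str) -> str:
    """Authorization redirect: carries the challenge, never the verifier."""
    params = {
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "code_challenge": code_challenge,
        "code_challenge_method": "S256",
        "state": state,  # bound to the session to detect forged callbacks
    }
    return f"{AUTHORIZE_URL}?{urlencode(params)}"


def token_request_body(authorization_code: str, code_verifier: str) -> dict:
    """Form fields for the token exchange; the verifier is sent only here."""
    return {
        "grant_type": "authorization_code",
        "code": authorization_code,
        "redirect_uri": REDIRECT_URI,
        "client_id": CLIENT_ID,
        "code_verifier": code_verifier,
    }


def verifier_matches_challenge(code_verifier: str, code_challenge: str) -> bool:
    """What the auth server checks at exchange time: recompute the challenge
    from the presented verifier and compare it in constant time."""
    expected = _b64url(hashlib.sha256(code_verifier.encode("ascii")).digest())
    return secrets.compare_digest(expected, code_challenge)
```

Because only the hash travels in the browser redirect, a code intercepted on the callback cannot be exchanged without the verifier held by the MCP client.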
Authentication components
Component | Description |
---|---|
User Agent (Browser) | Handles the user-facing portion of the OAuth flow, including login and consent via the Auth Server. |
MCP Client | Initiates tool discovery, generates PKCE values, redirects users to authenticate, and exchanges codes for tokens. Examples include LangChain apps, Jupyter notebooks, and command-line scripts using the MCP SDK. |
LLM | Assists in tool discovery based on the user prompt. Examples include Claude and ChatGPT integrated into agent workflows. |
Reltio AgentFlow MCP Server | Processes tool requests, validates tokens, and invokes Reltio APIs on behalf of authenticated clients. |
Reltio Auth Server | Authenticates users, issues tokens, and validates access tokens during MCP requests. |
Reltio API | Secured downstream endpoints that provide core MDM functions such as entity resolution and data enrichment. |