It would help if there was a node for:
The existing MCP Client node needs OAuth 2.1 authentication support. Currently, the MCP Client node only accepts static credentials (stored Bearer tokens or Header auth), which is incompatible with MCP servers that follow OAuth 2.1 patterns with short-lived tokens and token
refresh flows.
Specifically needed:
- Dynamic token acquisition from OAuth endpoints
- Automatic token refresh before expiration
- Support for Client Credentials flow
- Support for Authorization Code flow (with PKCE)
- Ability to inject tokens from previous workflow nodes (expressions)
My use case:
Scenario 1: Enterprise MCP Server with Short-Lived Tokens
My MCP server implements security best practices with OAuth 2.1:
- Authentication endpoint (POST /mcp/auth) returns short-lived tokens (60-90 min)
- AI Agent needs to call MCP tools throughout the day
- Current MCP Client node canβt refresh expired tokens automatically
- Result: Workflows fail after token expiration, requiring manual intervention
Scenario 2: Multi-Step OAuth Flow
Current workflow that fails:
- HTTP Request β POST /mcp/auth β Returns {access_token: ββ¦β, expires_in: 3600}
- AI Agent β Connected to MCP Client Tool
- MCP Client β
Cannot receive dynamic token from step 1 - MCP Client β Uses static credential β Token expires, integration breaks
Scenario 3: Third-Party SaaS MCP APIs
Many modern MCP providers (following the MCP Security Best Practices) use OAuth for access control:
- User authenticates via OAuth
- Receives temporary access token
- n8n workflows need to use these tokens with MCP Client
- Current blocker: No way to pass OAuth tokens to MCP Client
Impact:
- Cannot integrate with OAuth-protected MCP servers
- Must violate security policies by using long-lived tokens
- Complex workarounds (proxy servers, manual HTTP requests) lose MCP Client benefits
- Blocks enterprise adoption where OAuth is mandatory
Any resources to support this?
MCP Specification:
- Authorization - Model Context Protocol - Recommends OAuth 2.1 for HTTP transport
- Security Best Practices - Model Context Protocol - Specifies short-lived bearer tokens (60-90 min)
OAuth Standards:
- OAuth 2.1 - Modern OAuth specification
- RFC 6749 - The OAuth 2.0 Authorization Framework - OAuth 2.0 Framework
Community Discussions:
- Authorizing MCP node with OAuth - Multiple users requesting this feature
Related n8n Issues:
- #14539 - MCP Client connection problems (mentions auth challenges)
- #14478 - OAuth2 implementation issues in n8n
- #17450 - OAuth2 token refresh problems
Are you willing to work on this?
Yes! I would be really excited to work on this. I have the ability, skills, and time to contribute to implementing OAuth 2.1 support for the MCP Client node. Iβm happy to collaborate with the n8n team on architecture, implementation, and testing.