ネットワーク経由でアクセス 出所: https://modelcontextprotocol.io/docs/getting-started/intro https://modelcontextprotocol.io/docs/learn/architecture MCP (Model Context Protocol) とは Copyright (C) Nomura Research Institute, Ltd. All rights reserved. 4
リモートMCPサーバーの広がり 出所: https://www.atlassian.com/blog/announcements/remote-mcp-server Copyright (C) Nomura Research Institute, Ltd. All rights reserved. 5
Profile 企業の既存IdPと連携し、個別のMCPサーバーごとの認可操作を省略 Identity Assertion JWT Authorization Grant (ID-JAG) を中核技術として使用 MCPの認可仕様の今後 Copyright (C) Nomura Research Institute, Ltd. All rights reserved. 10
MUST MUST Supported OAuth 2.0 Authorization Server Metadata (RFC 8414) MUST MUST MUST Supported Resource Indicators for OAuth 2.0 (RFC 8707) MUST MUST — Not supported OAuth 2.0 Dynamic Client Registration (RFC 7591) MAY SHOULD SHOULD Supported OAuth Client ID Metadata Document SHOULD — — Not supported MCP Version Conformance 2025-03-26 Supported 2025-06-18 Partially Supported without Resource Indicators for OAuth 2.0 2025-11-25 Partially Supported without Resource Indicators for OAuth 2.0 and OAuth Client ID Metadata Document KeycloakのMCP認可の対応状況 出所: https://www.keycloak.org/securing-apps/mcp-authz-server ※ RFC 9728 OAuth 2.0 Protected Resource Metadata はResource Server(MCPサーバー)側の仕様のため記載なし Copyright (C) Nomura Research Institute, Ltd. All rights reserved. 14