Home A - Z
Page Index

Blame

03e65a Claude (MCP) 2026-03-13 18:03:59
[mcp] Create task P1-9: Fix MCP OAuth discovery routing
1 
---
2
category: reference
3
tags: [task, phase-1, mcp, auth, infra]
4
last_updated: 2026-03-13
5
confidence: high
6
---
7
8
# P1-9: Fix MCP OAuth Discovery Routing
9
525b47 Claude (MCP) 2026-03-13 18:23:12
[mcp] Update P1-9 task with completion status and fix details
10
**Status: COMPLETE** (2026-03-13)
11
03e65a Claude (MCP) 2026-03-13 18:03:59
[mcp] Create task P1-9: Fix MCP OAuth discovery routing
12
## Problem
13
14
Claude.ai cannot connect to the dev.wikibot.io MCP server via OAuth because the `/.well-known/oauth-authorization-server` discovery endpoint is routed to the Otterwiki Lambda (`$default` catch-all) instead of the MCP Lambda. It returns an HTML wiki page instead of the OAuth JSON metadata document.
15
525b47 Claude (MCP) 2026-03-13 18:23:12
[mcp] Update P1-9 task with completion status and fix details
16
Additionally, `MCP_BASE_URL` was set to `https://dev.wikibot.io/mcp`, causing FastMCP to compute a doubled path (`/mcp/mcp`) for the protected resource URL.
03e65a Claude (MCP) 2026-03-13 18:03:59
[mcp] Create task P1-9: Fix MCP OAuth discovery routing
17
18
## Root Cause
19
525b47 Claude (MCP) 2026-03-13 18:23:12
[mcp] Update P1-9 task with completion status and fix details
20
1. API Gateway only routed `/mcp` and `/mcp/{proxy+}` to the MCP Lambda. All `/.well-known/*` paths fell through to Otterwiki's `$default` route.
21
2. `MCP_BASE_URL` included the `/mcp` subpath, but FastMCP uses this as the base for constructing OAuth metadata URLs, resulting in doubled paths.
03e65a Claude (MCP) 2026-03-13 18:03:59
[mcp] Create task P1-9: Fix MCP OAuth discovery routing
22
525b47 Claude (MCP) 2026-03-13 18:23:12
[mcp] Update P1-9 task with completion status and fix details
23
## Fix
03e65a Claude (MCP) 2026-03-13 18:03:59
[mcp] Create task P1-9: Fix MCP OAuth discovery routing
24
525b47 Claude (MCP) 2026-03-13 18:23:12
[mcp] Update P1-9 task with completion status and fix details
25
Two infra changes, zero code changes:
03e65a Claude (MCP) 2026-03-13 18:03:59
[mcp] Create task P1-9: Fix MCP OAuth discovery routing
26
525b47 Claude (MCP) 2026-03-13 18:23:12
[mcp] Update P1-9 task with completion status and fix details
27
1. **`infra/__main__.py`** — Added API Gateway route `ANY /.well-known/{proxy+}` → MCP Lambda integration
28
2. **`infra/Pulumi.dev.yaml`** — Changed `mcp_base_url` from `https://dev.wikibot.io/mcp` to `https://dev.wikibot.io`
03e65a Claude (MCP) 2026-03-13 18:03:59
[mcp] Create task P1-9: Fix MCP OAuth discovery routing
29
525b47 Claude (MCP) 2026-03-13 18:23:12
[mcp] Update P1-9 task with completion status and fix details
30
Commit: `e46ef4a` on `main`. Deployed via `pulumi up`.
03e65a Claude (MCP) 2026-03-13 18:03:59
[mcp] Create task P1-9: Fix MCP OAuth discovery routing
31
525b47 Claude (MCP) 2026-03-13 18:23:12
[mcp] Update P1-9 task with completion status and fix details
32
## Verification
03e65a Claude (MCP) 2026-03-13 18:03:59
[mcp] Create task P1-9: Fix MCP OAuth discovery routing
33
525b47 Claude (MCP) 2026-03-13 18:23:12
[mcp] Update P1-9 task with completion status and fix details
34
| Endpoint | Expected | Result |
35
|----------|----------|--------|
36
| `GET /.well-known/oauth-authorization-server` | WorkOS OAuth metadata JSON | PASS |
37
| `GET /.well-known/oauth-protected-resource/mcp` | Protected resource JSON | PASS |
38
| `POST /mcp` (with bearer token) | MCP initialize response | PASS |
39
| `GET /Home` | Otterwiki HTML | PASS (unchanged) |