AI Assistants need to securely authorize and access Model Context Protocol (MCP) servers to safely use imported tools, prompts and resources. In this session, we will discuss what it takes to create a secure MCP server, explain how MCP Authorization works, and cover important security considerations. We'll demonstrate how an MCP client running as a Single Page Application can seamlessly use OAuth2 authorization code flow and dynamic client registration to import and access MCP servers securely. We will also look at how MCP Clients can run in scope of a larger enterprise AI application and propagate user authentication tokens to secured MCP servers. Throughout the session, we will work with popular MCP clients as well as the Quarkus MCP Server and Client. No prior experience of Quarkus is required.

Talk Level:
BEGINNER

Bio:
Willem Jan is a Principal Software Engineer at Lunatech who loves building cloud software and contributing to open source. He's all about writing quality code and finding ways to automate anything. Willem Jan has been working with Quarkus since the beginning and enjoys making sure his applications are both simple and secure. On weekends, you won't find him behind a keyboard - he's either out enjoying nature or volunteering with his local scout group.