v0.2.4 Release: AI Agents Connect via OAuth 2.1

ByFedor Rychkov

July 6, 2026 04:08 PM


v0.2.4: MCP + OAuth 2.1

Release v0.2.4 is the biggest one since 0.2.0, and it is all about one thing: AI agents become first-class users of the platform. Claude, Cursor, Codex and any MCP-compatible host can now work with articles and media through the platform's own API — with permissions, rate limits and audit, just like humans.

The headline: connect with a single URL

Connecting an AI agent to your site used to mean juggling tokens, config files and Node.js bridges. Now, in Claude.ai, Claude Desktop or Cowork, you open Settings → Connectors → Add custom connector and paste one URL:

https://your-site.com/api/mcp

Everything else happens in the browser: log in to the platform, review the consent screen — which permissions to grant the agent and for how long — and you are done. No tokens to copy, nothing to install. Claude Code connects with a single command: claude mcp add --transport http my-site https://your-site.com/api/mcp.


How Claude connects via OAuth 2.1

Under the hood there is a full OAuth 2.1 authorization server following the MCP spec: discovery documents, Dynamic Client Registration (RFC 7591), mandatory PKCE S256, refresh-token rotation with replay detection, and a revocation endpoint (RFC 7009) — removing the connector on Claude's side instantly kills the access on the platform too.

The key architectural decision: an OAuth token is internally a regular platform API token. All enforcement — scopes, rate limits, audit, revocation — works identically for every connection method.

Personal Access Tokens and the MCP server

For hosts that send headers (Cursor, Codex, CI pipelines) there are classic Personal Access Tokens: created on the tokens page, shown exactly once, time-limited, and carrying a set of scopes: articles:read|write|publish|seo, media:read|write.

The MCP server ships in two flavors: a remote endpoint /api/mcp (Streamable HTTP — no repo checkout needed) and a local stdio server for development. Both share one tool registry: listing and reading articles, creating drafts, updating content, publishing (a separate scope!), SEO suggestions and the media library. Agents are draft-first by default: without an explicitly granted articles:publish nothing can go live.

The reader mode is thought through as well: a regular user's token with articles:read only sees published public articles — an agent can build digests without ever touching drafts.

Role policies: who, what and for how long

The administrator decides which roles get machine access — and through which channel:

  • per-role enablement — by default only admins issue tokens; editors, users and any custom roles are enabled explicitly;

  • auth channels — a role can be allowed PAT only, OAuth connections only, or both;

  • scopes and max lifetime — the ceiling for anything the role grants its tokens;

  • policies are enforced on every request: narrow a role's permissions and all previously issued tokens obey immediately, no waiting for expiry.

New section: Machine access

Once agents become users, you need oversight. The new admin page answers "who is connected, what are they doing, and how much are they consuming":

  • every user with tokens and OAuth connections, active or revoked;

  • usage over rolling windows — 1h / 6h / 12h / 24h / 7d, with a separate MCP-call counter, per token and per user;

  • a feed of recent requests: time, transport, tool called;

  • revocation of any token and a full machine-access block per user — an instant kill-switch for abuse or platform overload. Blocking is non-destructive: unblock, and every connection works as before.

Also in this release

  • English localization of the platform UI plus typography and controls refinements;

  • sidebar state fix (open sections follow the URL and localStorage);

  • CI/CD: pipeline stability, automatic container restarts, an upgraded quality gate;

  • security, SEO and dependency updates;

  • a ready-made patch for porting the whole MCP module into projects built on the boilerplate — with an adaptation guide and a verification checklist.

Try it

Two environment variables switch it on: API_TOKENS_ENABLED=1 and MCP_OAUTH_ENABLED=1. Code, docs and patches live in the nextjs-super-boilerplate repository, release v0.2.4.

P.S. This article was created by Claude through the very MCP connector it describes — the draft, the cover and the diagrams were all delivered by an agent over an OAuth connection.