From the course: Unboxing AI: Build a Remote MCP Server from Zero to Deployed with OAuth
MCP and security - OAuth Tutorial
MCP and security
- [Instructor] And that brings us to security. MCP security is convoluted, because not only does MCP security relate to just how to build secure servers, but it also relates to who is using the servers, and how are we using them, and how are we actually building software. So let me break this down in a little more detail so you get an idea of why it's convoluted. So the topics I wanted to talk about are the main security risks associated with MCPs, specifically vibe coding, excessive permissions, agent errors, prompt injections, confused deputy, and session hijacking.
Contents
- Why authorization and security matter (1m 53s)
- The MCP authorization spec (4m 23s)
- Implementing MCP authorization (2m 44s)
- The MCP OAuth 2.0 flow visualized (4m 22s)
- Best-practices for MCP authorization (5m 8s)
- Options for MCP authorization (5m 32s)
- MCP and security (46s)
- MCP security risk: Vibe coding (2m 26s)
- MCP security risk: Excessive permissions (3m 20s)
- MCP security risk: Agent error (1m 53s)
- MCP security risk: Prompt injection (2m 29s)
- MCP security risk: Confused deputy (1m 42s)
- MCP security risk: Session hijacking (1m 16s)
- Authorization and security are job #1 (2m 3s)