Back to Novu

Blocked MCP servers (DCR onboarding)

.cursor/skills/nv-onboard-dcr-mcp/blocked-mcp-servers.md

3.18.045.8 KB
Original Source

Blocked MCP servers (DCR onboarding)

Living register of MCP catalog entries that failed the nv-onboard-dcr-mcp docs gate or live probes. Keep catalog entries on provider-managed (or novu-app / user-app if a fixed OAuth app is viable) until a row here is resolved.

When to append: any onboarding attempt that aborts before upgrading oauth.mode to dcr.

When to remove or mark resolved: provider enables self-serve DCR for Novu's callback, Novu completes a novu-app pre-registration, or the entry is intentionally retired.


How to add an entry

Copy the template below to the Open blockers table (newest first). Fill every column you can; link probe evidence in the PR or agent report.

markdown
| `<id>` | `<name>` | `<mcp-url>` | `<YYYY-MM-DD>` | `<blocker category>` | `<one-line reason>` | `<doc link>` | `<next step>` |

Blocker categories (pick the primary one):

CategoryMeaning
client-allowlistProvider only supports a fixed list of approved MCP clients
redirect-whitelistDCR or OAuth rejects Novu's callback until redirect URI is pre-approved
manual-oauth-appUsers or Novu must create a fixed OAuth app; no RFC 7591 DCR
no-registration-endpointPRM/AS metadata lacks a working registration_endpoint
partner-approvalProvider requires partner/onboarding approval before OAuth
otherAnything else — explain in Reason

Open blockers

IDNameMCP URLBlockedCategoryReasonDocsNext step
digitalocean-dropletsDigitalOcean Dropletshttps://droplets.mcp.digitalocean.com/mcp2026-06-08otherOfficial Remote MCP uses Bearer DigitalOcean API token in Authorization header per request; no RFC 9728 PRM or RFC 8414 AS metadata (well-known URLs 404/302→docs); DCR probes 302→docs; tools/call requires API token, not OAuth code flowConfigure Remote MCP, Remote MCP blogDo not add catalog dcr; if catalogging use provider-managed or per-org user-app with DO API tokens
digitalocean-docsDigitalOcean Docshttps://docs.mcp.digitalocean.com/mcp2026-06-08otherDocumentation MCP is public/unauthenticated (no API token required per docs); no OAuth PRM/AS/DCR; initialize/tools/list succeed without auth; other DO MCPs use Bearer PAT, not OAuthConfigure Remote MCPDo not add catalog dcr; if catalogging use provider-managed with no credential or extend Novu for credential-less MCPs
digitalocean-doksDigitalOcean Kuberneteshttps://doks.mcp.digitalocean.com/mcp2026-06-08otherOfficial remote MCP uses static DigitalOcean API token in Authorization: Bearer header; no RFC 9728 PRM JSON (404/302→docs), no RFC 8414 AS metadata, no registration_endpoint; tools/call returns no auth header found without BearerConfigure Remote MCP, DOKS toolsDo not add catalog dcr; evaluate provider-managed or per-org user-app API-token storage
digitalocean-databasesDigitalOcean Databaseshttps://databases.mcp.digitalocean.com/mcp2026-06-08otherSame Bearer PAT auth model as other DO remote MCPs; no PRM/AS/DCR; tools/call fails with no auth header found without DO API tokenConfigure Remote MCP, Remote MCP blogDo not add catalog dcr; evaluate provider-managed or per-org user-app with DIGITALOCEAN_API_TOKEN
digitalocean-appsDigitalOcean App Platformhttps://apps.mcp.digitalocean.com/mcp2026-06-08otherOfficial remote MCP auth is per-user DigitalOcean API token in Authorization: Bearer header — not OAuth authorization-code or RFC 7591 DCR; PRM/AS well-known URLs 302→docs; tools/call requires DO API tokenConfigure Remote MCP, App Platform MCPDo not add catalog dcr; same pattern as Render — provider-managed or per-org API-key/user-app
netdocumentsNetDocumentshttps://web-api.us.netdocuments.app/connect/mcp2026-06-08client-allowlistndConnect Enterprise docs restrict MCP to approved AI platforms (Claude, ChatGPT, Microsoft Copilot); ndMAX Enterprise + Security Center admin toggle required; DCR accepts Novu callback but Novu is not an approved MCP partnerLegal AI integrations, Anthropic MCP blogKeep provider-managed; pursue ndConnect partner approval for Novu before catalog dcr
gammaGammahttps://mcp.gamma.app/mcp2026-06-08redirect-whitelistAS exposes registration_endpoint at auth.gamma.app/oauth/register with S256; DCR POST for Novu callback returns 400 redirect_uri not allowed; docs require "Request custom MCP access" form with pre-approved redirect URIsGamma MCP serverRequest allowlist for https://api.novu.co/v1/agents/mcp/oauth/callback; keep provider-managed until approved
trimble-sketchupTrimble SketchUphttps://api.sketchup.com/mcp/v1/sketchup/mcp2026-06-08redirect-whitelistDCR at api.sketchup.com/mcp/v1/identity/register succeeds for localhost redirects only; Novu callback returns 400 invalid_redirect_uri ("Only http://localhost and http://127.0.0.1 redirect URIs are allowed") — built for desktop loopback clientsSketchUp MCP announcementRequest Trimble allowlist Novu callback; keep provider-managed until approved
adobe-for-creativityAdobe for creativityhttps://adobe-creativity.adobe.io/mcp2026-06-08client-allowlistMCP host returns HTTP 403 on PRM/AS/MCP probes; official docs distribute as Claude-only connector; sibling Adobe MCP DCR rejects Novu production callback (invalid_redirect_uri) while localhost succeedsAdobe for creativityKeep provider-managed; request Adobe vetted MCP client + Novu callback allowlist on IMS/per-product DCR
adobe-experience-managerAdobe Experience Managerhttps://mcp.adobeaemcloud.com/adobe/mcp/aem2026-06-08client-allowlistAdobe docs restrict MCP to Supported MCP Applications list (Claude, ChatGPT, Cursor, etc.); DCR at oauth.adobeaemcloud.com/register rejects Novu callback (No IMS client configuration found for redirect URI) while localhost DCR succeeds (201)AEM MCP docsContact [email protected] for Novu client + redirect allowlist; keep provider-managed
iftttIFTTThttps://ifttt.com/mcp2026-06-08redirect-whitelistRFC 9728 PRM at ifttt.com/.well-known/oauth-protected-resource (issuer ifttt.com, scope mcp); RFC 8414 AS exposes registration_endpoint ifttt.com/oauth/register and S256; DCR rejects Novu callback (invalid_redirect_uri / not authorized); localhost DCR succeeds (HTTP 201) — redirect URI allowlist, not missing DCRIFTTT MCP, What is IFTTT MCP?, AI Assistants HelpRequest https://api.novu.co/v1/agents/mcp/oauth/callback be added to IFTTT's DCR redirect allowlist; keep provider-managed until approved
process-streetProcess Streethttps://mcp.process.st2026-06-08no-registration-endpointAS metadata advertises registration_endpoint at login.process.st/oidc/register and S256 PKCE; DCR POST returns 400 dynamic client registration is disabled (Novu + localhost). OAuth challenge at mcp.process.st/mcp; catalog URL is root hostProcess Street MCPAsk Process Street to enable DCR for Novu callback, or evaluate novu-app with a Process Street-issued OAuth client
thoughtspot-spotterThoughtSpot Spotterhttps://agent.thoughtspot.app/mcp?api-version=latest2026-06-08otherDCR at agent.thoughtspot.app/register succeeds for Novu callback (S256, client_secret_post), but no RFC 9728 PRM at standard well-known URLs; MCP 401 lacks resource_metadata — Novu DCR flow fails at discoverProtectedResourceThoughtSpot MCP clients, mcp-server READMEAsk ThoughtSpot to publish PRM at /.well-known/oauth-protected-resource/mcp with authorization_servers: ["https://agent.thoughtspot.app"]; re-probe after fix
orion-by-gravityOrion by Gravityhttps://g.runorion.com/mcp2026-06-08otherRFC 8414 AS metadata and DCR at g.runorion.com/mcp/register succeed for Novu callback (orion:full, client_secret_post), but no RFC 9728 PRM at any well-known URL; MCP 401 returns JSON without WWW-Authenticate / resource_metadata — Novu discovery cannot proceedOrion MCP setup, MCP overviewAsk Orion to publish PRM with authorization_servers: ["https://g.runorion.com"] and scopes_supported: ["orion:full"]; re-probe after fix
sprouts-data-intelligenceSprouts Data Intelligencehttps://sprouts-mcp-server.kartikay-dhar.workers.dev2026-06-11otherDCR via Scalekit at mcp.sprouts.ai/.../clients:register succeeds (client_secret_post), but the only known MCP resource URL is a personal Cloudflare Workers subdomain — not a canonical Sprouts production hostScalekit × Sprouts case studyKeep provider-managed until Sprouts publishes a production MCP URL; re-probe and upgrade to dcr when available
zoho-projectsZoho Projectshttps://claude-zohoprojects.zohomcp.com/mcp/message2026-06-03manual-oauth-appCatalog URL is Anthropic/Claude-branded hosted connector (claude-zohoprojects); AS authorization_endpoint and registration_endpoint are scoped to pre-provisioned MCP server 1b1ba8e33192df4ef7fe6fc984da9ec6 with /claude/ paths on mcp.zoho.com. DCR at …/claude/register echoes requested redirect_uris (incl. Novu callback) but always returns the same client_id (1000.74OGCXOVDQ7CEELAD7VUSDCCDS433P) for distinct redirects — stub registration, not per-client RFC 7591. Production Zoho MCP uses per-tenant URLs from zoho.com/mcp (*.zohomcp.com), not this shared hostnameZoho MCP, Zoho Projects MCPKeep provider-managed; evaluate novu-app with Zoho-issued OAuth client + Novu callback on a Novu-provisioned MCP server URL, or pursue true DCR with unique client_id per registration
bigdata-comBigdata.comhttps://mcp.bigdata.com/2026-06-03no-registration-endpointOAuth AS is Clerk (clerk.bigdata.com); RFC 8414 metadata has no registration_endpoint; DCR probe to clerk.bigdata.com/oauth/register returns 422 dynamic client registration is not enabled (same for Novu callback and localhost). Official docs: agentic platforms use pre-built OAuth connectors (Claude/ChatGPT/Copilot); proprietary clients use API key (x-api-key) — not self-serve RFC 7591 DCRBigdata Authentication, MCP API Key integration, Claude MCP, MCP changelogKeep provider-managed; ask Bigdata to enable Clerk dynamic OAuth client registration and publish registration_endpoint in AS metadata, or evaluate novu-app with a Bigdata-issued OAuth client
dovetailDovetailhttps://dovetail.com/api/mcp2026-06-03manual-oauth-appOfficial docs state hosted MCP does not support RFC 7591 DCR or CIMD and does not expose clientId/clientSecret for third-party tools (API token or browser OAuth for compatible clients). Path-suffixed PRM at dovetail.com/.well-known/oauth-protected-resource/api/mcp (issuer auth.dovetail.com, MCP scopes incl. search:read, offline_access). AS metadata advertises registration_endpoint https://auth.dovetail.com/oidc/register and S256; DCR POST for Novu callback returns 400 dynamic client registration is disabledDovetail MCP serverKeep provider-managed; evaluate novu-app only if Dovetail enables DCR for https://api.novu.co/v1/agents/mcp/oauth/callback or issues a fixed OAuth client for Novu
fly-ioFly.io(no official hosted URL — probes: https://mcp.fly.io/mcp, https://api.fly.io/mcp)2026-06-03otherFly.io is a deployment platform for user-hosted MCP servers (fly mcp proxy, fly mcp wrap), not a first-party SaaS MCP with OAuth/DCR. mcp.fly.io does not resolve; no RFC 9728 PRM or RFC 8414 AS at candidate URLs. Docs describe bearer/basic HTTP auth for wrapped servers, not self-serve RFC 7591 DCR for Novu's callbackRemote MCP servers blueprint, HTTP authorization, MCP launch blogDo not add catalog dcr entry; if catalogging later use provider-managed or per-org API-key/user-app for customer-deployed Fly apps until Fly ships a hosted OAuth MCP product
microsoft-365Microsoft 365https://microsoft365.mcp.claude.com/mcp2026-06-03manual-oauth-appAnthropic-hosted connector uses two fixed Entra app registrations (08ad6f98-a4f8-4635-bb8d-f1a3044760f0 client, 07c030f6-5743-41b7-ba00-0a6e85f37c17 server); tenant admin consent required before any user can connect; Cowork deployments require Anthropic allowlist of tenant + client IDs; /oauth2/register is a stub that always returns the same client_id regardless of redirect URI (not true RFC 7591); PRM at challenge URL /.well-known/oauth-protected-resource/mcp returns 404; AS metadata issuer is login.microsoftonline.com/common (Entra has no native DCR); authorize flow uses fixed client with redirect URIs that must be pre-registered on Anthropic's Entra appSet up the Microsoft 365 connector, Cowork M365 setup (allowlist), Security guide, OAuth redirect bug #52730Keep provider-managed; not viable for Novu catalog dcr — evaluate novu-app only if Anthropic registers Novu's callback on 08ad6f98-… and grants partner/tenant allowlist
guruGuruhttps://mcp.api.getguru.com/mcp2026-06-03otherRFC 9728 PRM URLs (/.well-known/oauth-protected-resource, path-suffixed /mcp) return HTTP 200 with zero-length body; MCP GET/POST returns 401 Bearer without resource_metadata — Novu discoverProtectedResource cannot proceed. AS metadata at mcp.api.getguru.com/.well-known/oauth-authorization-server is valid (registration_endpoint /oauth/mcp/register, S256, scope default); DCR probe succeeds for Novu callback (client_secret_post). Help docs mention OAuth redirect whitelist for some clients; live DCR did not reject Novu's callbackMCP setup (help), Auth setup, Connections (n8n DCR)Keep provider-managed; ask Guru to publish valid PRM with authorization_servers: ["https://mcp.api.getguru.com"] and optional scopes_supported; re-probe after fix
google-calendarGoogle Calendarhttps://calendarmcp.googleapis.com/mcp/v12026-06-03manual-oauth-appSame Google Cloud MCP auth model as Drive/Gmail: manual OAuth Web/Desktop client ID + secret in Google Cloud Console; official configure guide requires creating OAuth client and pasting clientId/clientSecret into MCP client config; accounts.google.com AS metadata has no registration_endpoint; DCR probe to oauth2.googleapis.com/register returns 404; PRM at path-suffixed calendarmcp.googleapis.com/.well-known/oauth-protected-resource/mcp/v1 (issuer accounts.google.com)Configure the Calendar MCP server, Authenticate to Google Cloud MCP, Configure MCP in an AI applicationKeep provider-managed, or evaluate novu-app with a Novu pre-registered Google OAuth Web client + https://api.novu.co/v1/agents/mcp/oauth/callback in Authorized redirect URIs
gmailGmailhttps://gmailmcp.googleapis.com/mcp/v12026-06-03manual-oauth-appSame Google Cloud MCP auth model as Drive/Calendar: manual OAuth Web/Desktop client ID + secret in Google Cloud Console; VS Code shows "Dynamic client registration not supported"; accounts.google.com AS metadata has no registration_endpoint; DCR probe to oauth2.googleapis.com/register returns 404; PRM at path-suffixed gmailmcp.googleapis.com/.well-known/oauth-protected-resource/mcp/v1 (issuer accounts.google.com)Configure the Gmail MCP server, Authenticate to Google Cloud MCP, Configure MCP in an AI applicationKeep provider-managed, or evaluate novu-app with a Novu pre-registered Google OAuth Web client + https://api.novu.co/v1/agents/mcp/oauth/callback in Authorized redirect URIs
algoliaAlgoliahttps://mcp.algolia.com/mcp2026-06-03client-allowlistProductivity MCP docs: OAuth sign-in with empty client ID/secret for MCP clients; PRM path-suffixed at mcp.algolia.com/.well-known/oauth-protected-resource/mcp (issuer dashboard.algolia.com, scope public); AS exposes registration_endpoint at dashboard.algolia.com/2/oauth/register and S256; DCR rejects Novu callback and localhost with 400 This client is not allowed to registerProductivity MCP, MCP overview, mcp-nodeRequest Algolia allow Novu DCR at https://api.novu.co/v1/agents/mcp/oauth/callback; keep provider-managed or evaluate novu-app with a pre-registered Algolia OAuth client until DCR opens
browserbaseBrowserbasehttps://mcp.browserbase.com/mcp2026-06-03otherOfficial hosted MCP uses Browserbase API key auth (browserbaseApiKey query param or BROWSERBASE_API_KEY env var), not OAuth; PRM probes return 404; AS metadata at mcp.browserbase.com / api.browserbase.com has no registration_endpoint; DCR probes to /register and /oauth/register return 404; MCP endpoint returns Missing mcp-session-id with no WWW-Authenticate challengeMCP setup, MCP introductionNot a DCR OAuth target; evaluate user-app or per-org API-key credential storage if Novu adds non-OAuth MCP auth
renderRenderhttps://mcp.render.com/mcp2026-06-03otherOfficial hosted MCP uses Bearer API key auth only (Account Settings → API key); June 2025 changelog states OAuth is not yet supported. No RFC 9728 PRM (/.well-known/oauth-protected-resource and path-suffixed variant return 404). Not an authorization-code + DCR target for Novu's callbackRender MCP server, HTTP MCP changelog (no OAuth)Do not add catalog dcr entry; if catalogging later use provider-managed or evaluate user-app with per-org Render API keys until Render ships OAuth + registration_endpoint
klarityKlarityhttps://architect-v2-api.klarity.ai/mcp2026-06-03otherSplit AS: DCR at signin.klarity.ai/oauth2/register succeeds (incl. Novu/ngrok callbacks), but RFC 8414 authorization_endpoint is architect-v2-api.klarity.ai/mcp/sso/start, which returns redirect_uri not allowed for every DCR client; signin.klarity.ai/oauth2/authorize accepts the same clientsPRM /.well-known/oauth-protected-resource/mcp; AS signin.klarity.ai/.well-known/oauth-authorization-serverKeep provider-managed; ask Klarity to wire MCP SSO start to DCR redirect URIs or point authorize/token at signin.klarity.ai/oauth2/*
shopifyShopifyhttps://setup.shopify.com/mcp2026-06-03no-registration-endpointPRM at root well-known and AS at path-suffixed /.well-known/oauth-authorization-server/auth expose OAuth + S256 PKCE (token_endpoint_auth_method: none) but AS metadata has no registration_endpoint; DCR probes to /oauth/register, /auth/register, and /register return 404. Official Shopify app OAuth requires a pre-registered Dev Dashboard app with manually configured Allowed redirection URLs — not RFC 7591 self-serve DCRAuthorization code grant, Dev Dashboard, AI Toolkit / Dev MCP (local, no auth)Keep provider-managed; evaluate novu-app with a Novu pre-registered Dev Dashboard app + https://api.novu.co/v1/agents/mcp/oauth/callback in Allowed redirection URLs
boxBoxhttps://mcp.box.com2026-06-03manual-oauth-appOfficial remote MCP setup requires Admin Console Integration Credentials (fixed Client ID + Secret + manually entered Redirect URI); Box API does not support RFC 7591 DCR; AS metadata at api.box.com has no registration_endpoint; DCR probes to common paths return 404/401Set up the MCP server, Box MCP server, Securing MCP (no native DCR)Keep provider-managed, or evaluate novu-app with Novu pre-registered Box MCP Integration Credentials + https://api.novu.co/v1/agents/mcp/oauth/callback in Redirect URI
dropboxDropboxhttps://mcp.dropbox.com/dash2026-06-03client-allowlistOfficial Dash MCP docs: DCR only for vetted clients (ChatGPT, Claude, Cursor); other clients need manual Dropbox app + token. AS at www.dropbox.com exposes registration_endpoint and S256; DCR for Novu callback returns 403 registration_not_supported ("Only pre-registered MCP trusted partners are allowed"); localhost DCR succeedsDash MCP setupRequest DCR/trusted-partner registration for Novu via Dropbox Get Help; keep provider-managed until approved
clayClayhttps://api.clay.com/v3/mcp2026-06-03redirect-whitelistPRM/AS expose registration_endpoint at api.clay.com/oauth/register and S256; DCR rejects Novu callback (redirect_uri must be from an allowed domain). Catalog URL differs from community mcp.clay.earth/mcp; official npm path uses API key, not OAuth DCRClay MCP (npm), Apigene setupRequest https://api.novu.co/v1/agents/mcp/oauth/callback domain be allowlisted; keep provider-managed until approved
squareSquarehttps://mcp.squareup.com/sse2026-06-03redirect-whitelistAS at mcp.squareup.com has registration_endpoint and S256; DCR POST returns domain not in allowlist for Novu callback. PRM only on path-suffixed well-known (/sse/...) and requires bearerSquare MCP docsRequest Novu callback allowlist with Square; keep provider-managed until approved
hubspotHubSpothttps://mcp.hubspot.com/anthropic2026-06-03manual-oauth-appRemote MCP requires pre-created MCP Auth App (Client ID + secret + redirect URL) in HubSpot developer portal; path PRM works but AS metadata has no registration_endpoint; Claude Code reports "does not support dynamic client registration"Remote HubSpot MCP serverKeep provider-managed, or evaluate novu-app with a Novu pre-registered MCP Auth App + https://api.novu.co/v1/agents/mcp/oauth/callback in Redirect URLs
plaidPlaidhttps://api.dashboard.plaid.com/mcp/sse2026-06-03manual-oauth-appOfficial Dashboard MCP auth is OAuth client_credentials with scope mcp:dashboard using Plaid client_id/secret — not RFC 7591 authorization-code DCR; PRM returns Unauthorized without bearer tokenPlaid MCP serverKeep provider-managed; Novu would need per-org Plaid production credentials (likely user-app), not catalog dcr
intercomIntercomhttps://mcp.intercom.com/mcp2026-06-03redirect-whitelistAS exposes registration_endpoint and S256; DCR at mcp.intercom.com/register rejects Novu callback (not in the allowlist). Community confirms redirect URI allowlist via Customer SupportIntercom MCP guide, DCR allowlist threadRequest https://api.novu.co/v1/agents/mcp/oauth/callback allowlist from Intercom Support; keep provider-managed until approved
docusealDocuSealhttps://docuseal.com/mcp2026-06-03no-registration-endpointOfficial MCP guide documents manual Bearer MCP token auth (Settings > MCP Server) for self-hosted only; cloud MCP exposes OAuth PRM/AS metadata but AS metadata has no registration_endpoint and DCR probes to common paths return 404; REST API uses X-Auth-Token, not DCRIntegrate with AI Agents using MCP, API ReferenceKeep provider-managed; ask DocuSeal to publish registration_endpoint and confirm Novu callback support, or evaluate novu-app with a pre-registered OAuth client
docusignDocusignhttps://mcp.docusign.com/mcp2026-06-03manual-oauth-appOfficial MCP setup requires a pre-registered Integration Key (Client ID) + Secret Key from Apps and Keys; redirect URIs must be manually added to the OAuth app — no self-serve RFC 7591 DCR documented; developer path uses https://mcp-d.docusign.com/mcp with user-supplied credentialsClaude Docusign MCP connector guide, Configure your appKeep provider-managed, or evaluate novu-app with a Novu pre-registered Docusign Integration Key + https://api.novu.co/v1/agents/mcp/oauth/callback in Redirect URIs
google-driveGoogle Drivehttps://drivemcp.googleapis.com/mcp/v12026-06-03manual-oauth-appSame Google Cloud MCP auth model as other GCP MCP servers: manual OAuth Web/Desktop client ID + secret in Google Cloud Console; VS Code shows "Dynamic client registration not supported"; accounts.google.com AS metadata has no registration_endpoint; DCR probe to oauth2.googleapis.com/register returns 404Configure the Drive MCP server, Authenticate to Google Cloud MCP, Configure MCP in an AI applicationKeep provider-managed, or evaluate novu-app with a Novu pre-registered Google OAuth Web client + https://api.novu.co/v1/agents/mcp/oauth/callback in Authorized redirect URIs
asanaAsanahttps://mcp.asana.com/v2/mcp2026-06-03manual-oauth-appV2 MCP requires pre-registered OAuth app in Asana developer console (MCP app type); official docs state "Dynamic client registration is not supported"; AS metadata has no registration_endpoint; DCR probe to app.asana.com/oauth/register returns 302→login then 400 "No route found"Integrating with Asana's MCP Server, V2 GA changelog (DCR removed)Keep provider-managed, or evaluate novu-app with a Novu pre-registered Asana MCP app + https://api.novu.co/v1/agents/mcp/oauth/callback in OAuth redirect URL
coupler-ioCoupler.iohttps://mcp.coupler.io/mcp/2026-06-03redirect-whitelistDCR at auth.coupler.io/oauth2/register succeeds for localhost redirects but rejects Novu's callback (invalid_redirect_uri); PRM/AS expose registration_endpoint and token_endpoint_auth_method: none; official docs describe admin-generated OAuth connection links for Claude, not self-serve DCR for arbitrary MCP clientsAI Integrations (Remote MCP), Custom MCP (token-based)Request https://api.novu.co/v1/agents/mcp/oauth/callback be added to Coupler.io's DCR redirect allowlist; keep provider-managed until approved
base44Base44https://app.base44.com/mcp2026-06-03redirect-whitelistDCR at app.base44.com/oauth/register succeeds for localhost redirects but rejects Novu's callback (All redirect_uris must be in the allowlist); PRM/AS expose registration_endpoint and token_endpoint_auth_method: noneBase44 MCP serverRequest https://api.novu.co/v1/agents/mcp/oauth/callback be added to Base44's MCP client redirect allowlist; keep provider-managed until approved
cdata-connect-aiCData Connect AIhttps://mcp.cloud.cdata.com/mcp2026-06-03manual-oauth-appOfficial docs: DCR not supported; MCP clients must create a custom OAuth app in Connect AI (Settings → OAuth Apps) and supply fixed client_id/client_secret; Dify setup explicitly disables "dynamic client registration" (registration_endpoint is misleading)Custom OAuth apps (JP blog), Agent Bricks MCP setup, MCP APIKeep provider-managed, or evaluate novu-app with a Novu pre-registered Connect AI OAuth app + https://api.novu.co/v1/agents/mcp/oauth/callback in Callback URL
devrevDevRevhttps://api.devrev.ai/mcp/v12026-06-03redirect-whitelistOfficial Cursor setup requires a fixed CLIENT_ID; docs state DevRev MCP does not yet support DCR self-registration. DCR probe at auth.devrev.ai/oidc/register rejects Novu's callback (redirect_uri must be http(s)://localhost[:port][/path])Remote MCP serverKeep provider-managed, or evaluate novu-app with a DevRev-issued OAuth client and production callback allowlisted
google-cloud-bigqueryGoogle Cloud BigQueryhttps://bigquery.googleapis.com/mcp2026-06-03manual-oauth-appSame Google Cloud MCP auth model as other GCP MCP servers: manual OAuth Web/Desktop client ID + secret in Google Cloud Console; VS Code shows "Dynamic client registration not supported"; no RFC 7591 self-serve DCRAuthenticate to Google Cloud MCP, Configure MCP in an AI application, Use the BigQuery MCP serverKeep provider-managed, or evaluate novu-app with a Novu pre-registered Google OAuth Web client + https://api.novu.co/v1/agents/mcp/oauth/callback in Authorized redirect URIs
google-compute-engineGoogle Compute Enginehttps://compute.googleapis.com/mcp2026-06-03manual-oauth-appGoogle Cloud MCP auth requires manually creating an OAuth Web/Desktop client ID + secret in Google Cloud Console; accounts.google.com AS metadata has no registration_endpoint; DCR probes to oauth2.googleapis.com/register and related paths return 404Authenticate to Google Cloud MCP, Use Compute Engine MCPKeep provider-managed, or evaluate novu-app with a Novu pre-registered Google OAuth client + https://api.novu.co/v1/agents/mcp/oauth/callback in Authorized redirect URIs
figmaFigmahttps://mcp.figma.com/mcp2026-06-03client-allowlistOfficial docs: only MCP clients listed in the Figma MCP Catalog (Cursor, Claude Code, VS Code, etc.) may connect; new clients must apply/waitlist for remote access — not open RFC 7591 DCR for arbitrary redirect URIsFigma MCP remote setup, MCP catalogKeep provider-managed; pursue Figma MCP catalog registration for Novu, or evaluate novu-app if Figma issues a fixed OAuth client
clickupClickUphttps://mcp.clickup.com/mcp2026-06-03redirect-whitelistOfficial docs maintain an allowlist of vetted MCP client redirect URIs; off-list clients must submit a review request before OAuth works with Novu's callbackClickUp MCP serverRequest Novu + https://api.novu.co/v1/agents/mcp/oauth/callback be added to ClickUp's vetted redirect allowlist; keep provider-managed until approved (Copilot setup docs reference DCR, but redirect URI is gated)
aws-marketplaceAWS Marketplacehttps://marketplace-mcp.us-east-1.api.aws/mcp2026-06-03otherOfficial docs: "Authentication: None required" — no OAuth PRM/DCR; endpoint expects Mcp-Session-Id + MCP-Protocol-Version headers onlyAWS Marketplace MCP serverNot a DCR OAuth target; keep provider-managed unless Novu adds header-session MCP auth
slackSlackhttps://mcp.slack.com/mcp2026-06-03manual-oauth-appOfficial docs: no DCR; MCP clients need a registered Slack app with fixed client_id/client_secret and admin approval; AS metadata has no registration_endpointSlack MCP serverKeep provider-managed, or evaluate novu-app with a Novu pre-registered Slack app (Marketplace/internal app + MCP access enabled)
harness-ioHarness.iohttps://mcp.harness.io/mcp2026-06-03manual-oauth-appDocs prescribe fixed OAuth client ID mcp-client; DCR probe rejects Novu callback (insufficient_scope / trusted-host policy). OAuth must be enabled per account via Harness SupportHarness MCP ServerKeep provider-managed, or evaluate novu-app if Harness allows a Novu-specific OAuth client + callback allowlist
vercelVercelhttps://mcp.vercel.com/2026-06-03client-allowlistDocs require Vercel-reviewed MCP clients only; DCR probe returns invalid_redirect_uri for Novu's callbackVercel MCP docsPursue Vercel partnership to allowlist Novu + https://api.novu.co/v1/agents/mcp/oauth/callback; keep provider-managed until then
pagerdutyPagerDutyhttps://mcp.pagerduty.com/mcp2026-06-03manual-oauth-appOAuth apps created manually in App Registration with whitelisted redirect + fixed client_id/client_secret; AS metadata from PRM has no registration_endpoint; OIDC oauth-registration POST returns 404PagerDuty MCP supportKeep provider-managed, or evaluate novu-app with a Novu pre-registered PagerDuty OAuth app

Resolved / unblocked

Move rows here when DCR onboarding ships or the entry moves to another OAuth mode.

IDNameResolvedResolution
udemy-businessUdemy Business2026-06-08DCR probe succeeded (api.udemy.com/auth/external/oidc/dynamic-client/register, client_secret_post, scopes course:read mcp:read mcp:write lab:read offline); path-suffixed PRM; catalog oauth.modedcr
biorenderBioRender2026-06-08DCR probe succeeded (mcp.services.biorender.com/oauth/register, client_secret_post, scopes openid email profile offline_access); co-located AS-at-PRM-hint discovery; catalog oauth.modedcr
descriptDescript2026-06-08DCR probe succeeded (Stytch api.stytch.com/.../oauth2/register, HTTP 201); path-suffixed PRM; catalog oauth.modedcr
firefliesFireflies2026-06-08DCR probe succeeded (api.fireflies.ai/register, client_secret_post, scopes profile email); catalog oauth.modedcr
otter-aiOtter.ai2026-06-08DCR probe succeeded (otter.ai/oauth/register, scopes profile:read conversations:read); catalog oauth.modedcr
lucidLucid2026-06-08DCR probe succeeded (mcp.lucid.app/oauth/register, client_secret_post, S256); path-suffixed PRM; catalog oauth.modedcr
windsor-aiWindsor.ai2026-06-08DCR probe succeeded (mcp.windsor.ai/register, client_secret_post, scopes create delete); catalog oauth.modedcr
clarifyClarify2026-06-08DCR probe succeeded (auth1.clarify.ai/oauth2/register, client_secret_post); path-suffixed PRM; catalog oauth.modedcr
motion-creative-analyticsMotion Creative Analytics2026-06-08DCR probe succeeded (projects.motionapp.com/api/auth/oauth2/register, token_endpoint_auth_method: none); catalog oauth.modedcr
consensusConsensus2026-06-08DCR probe succeeded (consensus.app/oauth/register/, token_endpoint_auth_method: none, scopes search profile); catalog oauth.modedcr
supermetrics-marketing-analyticsSupermetrics Marketing Analytics2026-06-08DCR probe succeeded (api.supermetrics.com/oauth/register, client_secret_post); catalog oauth.modedcr
three-js-3d-viewerThree.js 3D Viewer2026-06-08DCR probe succeeded (example-server.modelcontextprotocol.io/register); MCP reference/example server only — not production SLA; catalog oauth.modedcr
eulerEuler2026-06-08DCR probe succeeded (mcp.eulerapp.com/oauth/register, client_secret_post, scopes customer partner); catalog oauth.modedcr
polar-analyticsPolar Analytics2026-06-08DCR probe succeeded (ai-service.polaranalytics.com/oauth/register, token_endpoint_auth_method: none, scope claudeai); catalog oauth.modedcr with pinned scopes
digitsDigits2026-06-08DCR probe succeeded (api.digits.com/oauth/register, client_secret_post); catalog oauth.modedcr
era-contextEra Context2026-06-08DCR probe succeeded (forge.era.app/oauth/register, token_endpoint_auth_method: none); catalog oauth.modedcr
wixWix2026-06-08DCR probe succeeded (mcp.wix.com/register, client_secret_post, scope offline_access); catalog oauth.modedcr
scholar-gatewayScholar Gateway2026-06-08DCR probe succeeded (connector.scholargateway.ai/register, client_secret_post); catalog oauth.modedcr
todoistTodoist2026-06-08DCR probe succeeded (todoist.com/oauth/register, client_secret_post, scope data:read_write); catalog oauth.modedcr
closeClose2026-06-08DCR probe succeeded (api.close.com/oauth2/register/, client_secret_post, MCP scopes); catalog oauth.modedcr
unthreadUnthread2026-06-08DCR probe succeeded (app.unthread.io/api/oauth/register, token_endpoint_auth_method: none, scope mcp); catalog oauth.modedcr
cb-insightsCB Insights2026-06-03DCR probe succeeded (mcp.cbinsights.com/register, token_endpoint_auth_method: client_secret_post or none, scopes openid email profile); PRM/AS at mcp.cbinsights.com; catalog oauth.modedcr
apollo-ioApollo.io2026-06-03DCR probe succeeded (mcp.apollo.io/api/v1/oauth/applications/register_oauth_client, token_endpoint_auth_method: client_secret_post, HTTP 201); path-suffixed PRM at mcp.apollo.io/.well-known/oauth-protected-resource/mcp; catalog oauth.modedcr
bitlyBitly2026-06-03DCR probe succeeded (api-ssl.bitly.com/oauth/register, token_endpoint_auth_method: client_secret_post, scope mcp.all); PRM at api-ssl.bitly.com/v4/mcp; AS issuer https://bitly.com; catalog oauth.modedcr
pylonPylon2026-06-03DCR probe succeeded (o.auth.usepylon.com/oauth2/register, token_endpoint_auth_method: client_secret_post); PRM at mcp.usepylon.com; catalog oauth.modedcr
omni-analyticsOmni Analytics2026-06-03DCR probe succeeded (callbacks.omniapp.co/oauth/register, token_endpoint_auth_method: none, scope mcp:access); path-suffixed PRM; catalog oauth.modedcr
sourcegraphSourcegraph2026-06-03DCR probe succeeded (sourcegraph.com/.auth/idp/oauth/register, token_endpoint_auth_method: none, scope mcp); new catalog entry https://sourcegraph.com/.api/mcp
egnyteEgnyte2026-06-03DCR probe succeeded (mcp-oauth.egnyte.com/clients, token_endpoint_auth_method: client_secret_post); path-suffixed PRM at mcp-server.egnyte.com; AS authorization_endpoint is domain-picker; catalog oauth.modedcr
gitlabGitLab2026-06-03DCR probe succeeded (gitlab.com/oauth/register, token_endpoint_auth_method: none, require_pkce: true, scope mcp); official URL https://gitlab.com/api/v4/mcp; catalog oauth.modedcr
launchdarklyLaunchDarkly2026-06-03DCR probe succeeded (app.launchdarkly.com/trust/oauth/register/dcr, token_endpoint_auth_method: none); path-suffixed PRM/AS at mcp.launchdarkly.com; catalog oauth.modedcr
railwayRailway2026-06-03DCR probe succeeded (backboard.railway.com/oauth/register, token_endpoint_auth_method: client_secret_post); PRM at mcp.railway.com; catalog oauth.modedcr
airwallex-developerAirwallex Developer2026-06-03DCR probe succeeded (mcp-demo.airwallex.com/developer/register, token_endpoint_auth_method: client_secret_post); PRM/AS use path-suffixed well-known; catalog oauth.modedcr
cloudinaryCloudinary2026-06-03DCR probe succeeded (asset-management.mcp.cloudinary.com/register, token_endpoint_auth_method: client_secret_post); catalog oauth.modedcr
craftCraft2026-06-03DCR probe succeeded (mcp.craft.do/my/auth/register, token_endpoint_auth_method: client_secret_post); catalog oauth.modedcr
webflowWebflow2026-06-03DCR probe succeeded (mcp.webflow.com/oauth/register, token_endpoint_auth_method: client_secret_post); catalog oauth.modedcr
monte-carloMonte Carlo2026-06-03DCR probe succeeded (auth.getmontecarlo.com/oauth2/register, token_endpoint_auth_method: client_secret_post); catalog oauth.modedcr
eraserEraser2026-06-03DCR probe succeeded (app.eraser.io/api/oauth/register, public client token_endpoint_auth_method: none); catalog oauth.modedcr
motherduckMotherDuck2026-06-03DCR probe succeeded (mcp-auth.motherduck.com/register, token_endpoint_auth_method: none); catalog oauth.modedcr
posthogPostHog2026-06-03DCR probe succeeded (oauth.posthog.com/oauth/register/); catalog oauth.modedcr
exaExa2026-06-03DCR probe succeeded (auth.exa.ai/api/oauth/register); catalog oauth.modedcr
magic-patternsMagic Patterns2026-06-03DCR probe succeeded (oauth.magicpatterns.com/oauth2/register, token_endpoint_auth_method: client_secret_post); catalog oauth.modedcr
incident-ioincident.io2026-06-03DCR probe succeeded; catalog oauth.modedcr
jenticJentic2026-06-03DCR probe succeeded (api.jentic.com/oauth2/register); catalog oauth.modedcr
ketryxKetryx2026-06-03DCR probe succeeded via Stytch AS; catalog oauth.modedcr
stytchStytch2026-06-03DCR probe succeeded; catalog oauth.modedcr

Probe notes (reference)

Novu DCR callback used in probes:

text
https://api.novu.co/v1/agents/mcp/oauth/callback

Catalog source of truth: packages/shared/src/consts/providers/mcp-servers.ts