Expanded MCP OAuth Support

2.12.0

MCP OAuth now supports servers with strict requirements, like Figma. Configure a client secret for servers that require one, point the redirect URI at a custom callback path, and skip Dynamic Client Registration when you bring your own client ID. This release also brings more accurate approval prompts for commands with combined flags, and full ASCII mode coverage for terminals without Unicode support.

MCP OAuth for Pre-Registered Apps

Connect to remote MCP servers that require a pre-registered OAuth app. Add clientSecret alongside clientId in your server's OAuth config for servers that require a client secret. When a custom clientId is set, Kiro skips Dynamic Client Registration and authenticates as your app. The redirectUri field now accepts full URLs with custom paths (like http://localhost:7778/oauth/callback), so your callback URL can match exactly what your app registered. Callback hosts are limited to localhost for safety. Learn more ->