Scope gating ensures that clients can see and execute only the tools they are authorized for. Because both the catalog and the execution path are filtered by the caller's scopes, this limits what an unauthorized caller can learn by enumerating the catalog, and gives clients a structured way to remediate an authorization failure.

Scope gating applies to two key phases: Discovery and Execution. The following table summarizes the behavior in each phase:
| Phase | Description |
| --- | --- |
| Discovery | Filters out tools that do not match the caller's scopes. Unauthorized tools never appear in the catalog, which reduces the risk of enumeration attacks. |
| Execution | If a client attempts to execute a tool without the required scope, the system returns an HTTP 401 response. The response includes a `WWW-Authenticate` header and, if configured, the resource metadata needed for the client to remediate the issue. |
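The following is an added illustration of both phases, not the project's own code. It assumes a minimal data model (a tool is a name plus the set of scopes it requires, and the caller's scopes are a space-delimited OAuth `scope` string); the `Response` shape, the `realm`, `error` and `scope` parameters of the challenge (RFC 6750 style), and the `resource_metadata` parameter (RFC 9728 style) are assumptions about the wire format, not something the page specifies.

```python
"""Scope gating for a tool catalog: discovery filtering plus an execution check.

Added example, not the product's own implementation. Tool/Response types,
helper names and the challenge parameters are assumptions.
"""
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, Iterable, List, Optional


@dataclass(frozen=True)
class Tool:
    """Catalog entry: the tool's name and every scope a caller must hold."""
    name: str
    required_scopes: FrozenSet[str] = frozenset()


@dataclass
class Response:
    """Minimal stand-in for an HTTP response (assumed shape)."""
    status: int
    body: object = None
    headers: Dict[str, str] = field(default_factory=dict)


def parse_scopes(scope_claim: str) -> FrozenSet[str]:
    """Split a space-delimited OAuth scope string (e.g. a token's `scope` claim)."""
    return frozenset(scope_claim.split())


def has_required_scopes(tool: Tool, caller_scopes: FrozenSet[str]) -> bool:
    # Subset test: the caller must hold *all* of the tool's required scopes.
    return tool.required_scopes <= caller_scopes


def discover(catalog: Iterable[Tool], caller_scopes: FrozenSet[str]) -> List[Tool]:
    """Discovery phase: the catalog a caller sees lists only tools it may run."""
    return [t for t in catalog if has_required_scopes(t, caller_scopes)]


def build_www_authenticate(required: FrozenSet[str],
                           resource_metadata: Optional[str]) -> str:
    """Bearer challenge telling the client which scopes it lacks and, when
    configured, where the protected-resource metadata lives (assumed format)."""
    params = [
        'realm="tools"',
        'error="insufficient_scope"',
        'scope="%s"' % " ".join(sorted(required)),
    ]
    if resource_metadata:
        params.append('resource_metadata="%s"' % resource_metadata)
    return "Bearer " + ", ".join(params)


def execute(catalog: Iterable[Tool], name: str, caller_scopes: FrozenSet[str],
            resource_metadata: Optional[str] = None) -> Response:
    """Execution phase: re-check scopes on every call, never trusting that the
    client only invokes what discovery showed it."""
    tool = next((t for t in catalog if t.name == name), None)
    if tool is None:
        return Response(404, {"error": "unknown tool"})
    if not has_required_scopes(tool, caller_scopes):
        missing = sorted(tool.required_scopes - caller_scopes)
        return Response(
            401,
            {"error": "insufficient_scope", "missing_scopes": missing},
            headers={"WWW-Authenticate":
                     build_www_authenticate(tool.required_scopes, resource_metadata)},
        )
    return Response(200, {"result": "executed %s" % tool.name})


# Constructed sample catalog and resource metadata URL (not real endpoints).
CATALOG = [
    Tool("ping"),
    Tool("read_file", frozenset({"files:read"})),
    Tool("delete_file", frozenset({"files:read", "files:write"})),
]
METADATA_URL = "https://mcp.example/.well-known/oauth-protected-resource"


if __name__ == "__main__":
    caller = parse_scopes("files:read")
    print("visible:", [t.name for t in discover(CATALOG, caller)])
    denied = execute(CATALOG, "delete_file", caller, METADATA_URL)
    print(denied.status, denied.headers["WWW-Authenticate"])
```

Two points worth checking against your own deployment. First, the example answers 404 for an unknown tool but 401 for a hidden one, so a caller can still confirm that a tool it cannot see exists; if that matters to you, return the same response for both cases. Second, RFC 6750 pairs `insufficient_scope` with 403 rather than the 401 documented here, so a client written strictly to that RFC may need to be told to act on the 401 challenge as well.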