Skip to main contentSkip to search
Powered by Zoomin Software. For more details please contactZoomin
Progress DocumentationProgress Documentation
Progress Documentation
  • Home
  • Home
  • EnglishČeštinaDeutsch (Germany)Español (Spain)フランス語Italiano (Italy)Português (Brasil)日本語Русский (Russia)中文 (简体) (China)中文 (繁體, 台灣) (Taiwan)ar-AR
  • Login

Use the OpenEdge MCP Server

Authentication

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
Print
Table of Contents
  • Introduction and architecture of OpenEdge MCP Server
    • Introduction to the OpenEdge MCP Server
      • Enterprise AI integration with OpenEdge MCP Server
      • OpenEdge MCP Server terminology
      • Key features
      • Production-grade capabilities
    • Key differentiators and recommended deployment scenarios
      • Comparative analysis: OpenEdge MCP Server vs generic MCP solutions
      • When to deploy the OpenEdge MCP Server
    • OpenEdge MCP Server architecture
      • OpenEdge MCP Server in the AI ecosystem
      • Core components of the OpenEdge MCP Server architecture
      • Request lifecycle in OpenEdge MCP Server
      • OpenEdge MCP Server request flow scenarios
      • Ensure secure operations in the OpenEdge MCP Server architecture
  • Get started and deployment
    • Get started with OpenEdge MCP Server
      • Deployment components
      • Supported environments
        • Python configuration
      • Install OpenEdge MCP Server
        • Step 1: Download and unpack the distribution package
        • Step 2: Run the container image load script
        • Step 3: Verify your environment
        • Step 4: Provide OpenAPI specification
        • Step 5: Generate and start a profile
          • Work with a data service created using localhost
        • Step 6: Validate the tool catalog
      • Enforce security best practices before deployment
      • Deploy OpenEdge MCP Server to production
        • Prepare a production-ready export
        • Run exported bundle on production host
      • Reconfigure MCP Server without profile regeneration
      • Version verification and troubleshooting
  • Observability, logging, and troubleshooting
    • Observability and logging in OpenEdge MCP Server
      • Logging architecture overview
      • Configure logging and related middleware
      • Logging modes and usage guidelines
      • Audit events and sensitive data handling
      • Configure timing middleware
      • Correlation and traceability
      • Integration with log aggregators
      • Debug for rapid issue diagnosis
        • Quick enablement matrix
        • Configure root logging and OpenAPI visibility for debugging
        • Scenario-based troubleshooting
        • Troubleshooting and verification
        • Inspect logs in Kubernetes deployments
        • Configure a minimal debug profile for temporary use
        • Enable targeted diagnostics for invalid parameters
        • Reduce log noise after debugging
        • Add custom loggers for extended debugging
        • Triage checklist before filing issues
    • Troubleshooting reference
    • Frequently asked questions
  • Operate, secure, and manage the OpenEdge MCP Server
    • Use the mcpgen CLI for profile generation and management
      • Understand profiles and artifacts
      • Manage core commands in mcpgen
        • Create and start a profile
        • List a profile
        • Start, stop, and restart profile containers
        • View container logs
        • Check profile status
      • Profile management and advanced operations
        • Export profiles for production
        • Harden development profiles
        • Generate OpenAPI specification
        • Rotate service account keys and tokens
        • Service account multi-token management
        • Cleanup and lifecycle management commands
        • Diagnostics and inspection commands
          • Doctor
          • Inspect
          • Client
      • Advanced commands
      • Quick start commands to create development profiles
      • Typical workflow and API discovery
      • Error patterns and remedies
      • Clean removal of profile
      • Debug and diagnostics
    • Operational guidelines and performance best practices for MCP servers
      • Routine operational tasks
      • Improve system observability
      • Capacity and performance
      • Safe upgrade process and rollback preparation
      • Configuration drift control
      • Prompts lifecycle
      • Security posture enhancements
      • Incident response snapshot
      • Operational runbooks for MCP server
      • Estimate key performance indicators
    • Configuration reference
      • Configuration groups
        • The api group
          • OpenAPI specification settings
          • Configure routes
          • Optional parameter validation
        • The security group
          • Authentication
            • Authentication headers and access information
            • Configure service account authentication
              • Token mode
              • OAuth mode
              • Authentication flow comparison
            • Configure user authentication
          • Authorization
        • The runtime group
          • Configure server transport settings
          • Configure TLS and mTLS certificates
          • Configure downstream HTTP settings
          • Configure response guard settings
          • Configure middleware settings
          • Validate tool parameters
        • The assistant group
        • The observability group
      • Configure environment variable overrides
      • Minimal configuration examples
      • Guidance and common pitfalls
    • Security and authentication architecture for MCP server
      • Threat model and mitigation strategies
      • Dual authentication process
      • JWKS retrieval and caching for JWT verification
      • Scope gating for discovery and execution
      • Protected resource metadata and RFC 9728 compliance
      • Token exchange for downstream services
      • TLS and mTLS for secure communication
      • Response guard strategy
      • Logging hygiene
      • Key and token rotation cadence
    • Manage prompts and tooling
      • Configure the prompt directory and size guard
      • Use helper tools for prompt management
      • Secure prompts with scopes
      • Add new prompts
      • Selection strategies for prompts
      • Failure modes and resolutions
    • OpenAPI visibility and context management
      • Define goals and guiding principles
      • Visibility and context features
      • Generate filter examples
      • Provide parameter examples
      • Manage per-tool context
      • Configuration examples for visibility and context features
      • Test visibility and context enrichment features
      • Quick checklist for enabling context features
    • Export and harden production deployment
      • Export modes
      • Hardening actions
      • Export process
      • Quality, security, and compliance checklist for MCP deployment
      • Run the application in production
      • Scaling considerations
        • Horizontal scaling
        • Vertical scaling
      • Observability in production
      • Security and performance checklist
      • Rotate security artifacts in production
      • Disaster recovery guidelines for MCP servers
      • Common failure modes and resolutions
    • Rate limiting in OpenEdge MCP Server
      • Implement rate limiting
      • Configuration keys for rate limiting
      • Recommended rate limiting values for different environments
      • Monitor rate limiting through observability and audit fields
      • Safe rollout strategy for rate limiting
      • Alerting suggestions for rate limiting
      • Tune and troubleshoot rate limiting
    • Upgrade process and key or certificate rotation
      • Version and upgrade principles
      • Pre-upgrade checklist and upgrade procedure
      • Service account key rotation
      • TLS and mTLS certificate rotation
      • Token renewal and revocation
      • Patterns to minimize downtime
      • Observability hooks during rotation
      • Rollback decision matrix
      • Automation suggestions
  • OpenAPI specification and advanced configuration
    • OpenAPI specification quality guidelines
      • Core principles for OpenAPI specifications
      • Request body guidelines
      • Define response schemas
      • Component schema hygiene
      • Define titles and descriptions for schemas and operations
      • Ensure clarity in parameter definitions
      • Error conventions
      • Versioning and deprecation guidelines
      • Hand-editing checklist before commit
      • Common pitfalls in API specifications
      • Minimal example for API specification
Table of Contents

Authentication

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
Print
  • Last Updated: December 23, 2025
  • 1 minute read
    • OpenEdge
    • Version 12.8
    • Documentation
Authentication verifies the identity of the server and users. The MCP server supports a dual model:
  • Service account (SA)—Represents the server or automation identity.
  • User credentials—Represents end-user context using tokens or JWTs.
Either or both models can be enabled. Scope-based filtering activates only when authentication is enabled.
Contents
  • Authentication headers and access information
  • Configure service account authentication
  • Configure user authentication
TitleResults for “How to create a CRG?”Also Available inAlert