feat: add outbound auth wizard step with OAuth and API Key credential creation#417
Open
aidandaly24 wants to merge 4 commits intoaws:feat/gateway-integrationfrom
Open
Conversation
37b14c8 to
66a33cc
Compare
66a33cc to
a8682f4
Compare
6c91b7c to
a8682f4
Compare
a8682f4 to
606661b
Compare
notgitika
requested changes
Feb 24, 2026
606661b to
630afdc
Compare
… creation Add outbound-auth step to gateway-target TUI wizard after gateway/host selection: - Auth type selection: No authorization, OAuth 2LO, API Key - Credential selection: create new or use existing - OAuth inline creation: name, client ID, masked client secret, discovery URL - API Key inline creation: name, masked API key - Confirm screen shows auth type and credential name - Error handling resets sub-flow on credential creation failure
MCP server targets require OAuth or API Key credential providers. GATEWAY_IAM_ROLE is not supported for MCP server targets. Since MCP server is the only target type in Phase 1, remove the NONE option entirely.
9108f0e to
975a54c
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
When creating a gateway target through the TUI wizard, users previously had no way to configure outbound authentication. They'd have to manually edit mcp.json to add auth config after the
fact.
This PR adds an outbound auth step to the wizard flow. After selecting a gateway, users now see:
If "No authorization" is selected, the wizard skips straight to confirm. If credential creation fails (e.g. duplicate name), the sub-flow resets so the user can try again.
The confirm screen now shows the auth type and credential name in the review.
Note: API Key was removed from the outbound auth options as MCP server targets only support OAuth and NoAuth per the service documentation.
New wizard flows:
This is the TUI layer on top of the operations added in the previous PR (Task 12a), which added createCredential OAuth support and CLI flags.
Related Issue
Part of the MCP Gateway Phase 1 integration (gateway-integration branch). Task 12b.
Type of Change
Testing
How have you tested the change?
No new tests — this is TUI wiring over the operations layer tested in Task 12a. The credential creation, validation, and config writing are all covered by existing tests.
Checklist