Hi follows - I see documentation on MCP. Please check if anyone interested to know more ..
https://www.palantir.com/docs/foundry/palantir-mcp/overview/
Thanks for sharing.
Iâd like to understand if there are plans to support downscoping of personal tokens (resources and permissions) to make the usage of MCP with LLMs less risky and prevent the blast radius of actions being taken.
The Developer Console does support this for the Platform SDK on third party apps. Maybe using a developer console app for authenticating the MCP would be a good approach? There you should be able by now to set the scope to different APIs and projects. This is especially cool for administrators in the platform 
So the actual question is how to integrate your Plugin with OAuth2.
Here is a hint on this from the https://docs.cline.bot/mcp/mcp-server-development-protocol#common-challenges-and-solutions.
Even though I havent tried it, you should be able to achieve the limitation of MCP to selected resources like this assuming that the MCP simply uses the Foundry API.
Also, make sure that when you write the oauth script, that you include the âoffline_accessâ scope to the authorization request, otherwise you do not receive a refresh token.
1 Like