{
  "$type": "site.standard.document",
  "description": "Why most teams should let an API gateway handle the new MCP Protected Resource Metadata flow instead of hand-rolling OAuth in their own server code.",
  "path": "/blog/mcp-prm-auth/",
  "publishedAt": "2025-06-26T00:00:00.000Z",
  "site": "at://did:plc:rkjxbatkiros6f7pwtgsir54/site.standard.publication/self",
  "tags": [
    "api",
    "authorization",
    "security",
    "mcp",
    "ai",
    "distributed-systems",
    "azure"
  ],
  "title": "Please Don't Write Your Own MCP Authorization Code"
}