Skip to main content

fastmcp.utilities.authorization

Authorization checks for FastMCP components. Auth checks are callables that receive an AuthContext and return True to allow access or False to deny it. They can also raise AuthorizationError to deny with a custom message; other exceptions are masked and treated as denial.

Functions

require_scopes

Require all of the given OAuth scopes.

restrict_tag

Require scopes when the accessed component has a specific tag.

run_auth_checks

Run auth checks with AND logic.

Classes

AuthContext

Context passed to auth check callables. Attributes:
  • token: The current access token, or None if unauthenticated.
  • component: The tool, resource, resource template, or prompt being accessed.
  • tool: Backwards-compatible alias for component when it is a Tool.
Methods:

tool

Backwards-compatible access to the component as a Tool.