Sync open source content 🐝 (from 70a18bf9a19d29fffafcd6a2969b5c28713ea127)

Author: beezythebot

mcp/ai-agents/real-world-examples.mdx

@@ -1,10 +1,11 @@
 ---
 title: What is MCP authorization?
 description: Learn how authorization works in the Model Context Protocol.
+asIndexPage: true
 ---
 
 import { Callout } from "@/mdx/components";
-import GramCallout from "../.partials/gram-callout.mdx";
+import GramCallout from "./.partials/gram-callout.mdx";
 
 <GramCallout />
 
@@ -83,7 +84,6 @@ When an agent tries to access this system through an MCP client, the following f
 4. **User consent**: The client is authenticated and granted the requested permissions, for example, for an `editor` role.
 5. **Token exchange**: After consent, the authorization server issues an access token.
 6. **Authorized request**: The client includes this token in subsequent requests and can access only the tools allowed by the role.
-
    - For example, a client with the `editor` role can call `readDocument`, `createDocument`, and `updateDocument`, but not `deleteDocument`.
 
 7. **Permission verification**: The MCP server validates not just the token's authenticity but also the specific permissions it grants.
@@ -232,7 +232,6 @@ flowchart LR
    ![Sentry OAuth authorization dialog](/assets/mcp/mcp-authorization/mcp-sentry-approve.png)
 
 7. **Double token exchange**:
-
    - Sentry issues an OAuth token to the MCP server (not to your client).
    - The MCP server creates its own session token for your client.
    - The Sentry token stays secure on the server side.