mcp-tool-tiers-must-match-credential-requirements
MCP server tool policy tiers (read_only, standard, engagement) must align with the credentials required for each tool group. OAuth-gated write operations cannot be placed in the read_only tier — they must be in a separate engagement tier that is only registered when OAuth credentials are present. Misaligned tiers cause authorization failures at tool invocation rather than at registration.
Related
- phased-credential-activation-for-external-api-tools
- mcp-tool-namespace-discipline-fully-qualified-server-prefix
- xint-vs-xpulse-capability-gap-56-commands
- notebooklm
- docker
- xai-geo-proxy-via-xai-base-url-env-var
- xint-mcp-tiers-must-match-credential-requirements
- xint-mcp-credential-tier-separation-required
- xint-mcp-policy-tier-must-match-credential-phase
- xint-mcp-policy-tiers-must-match-credential-phases
- xint-mcp-tier-must-match-credential-phase
- xint-mcp-engagement-policy-required-for-phase-2b
- oracle-has-zero-citation-integrity-verification