fix: Make OAuth fully optional for remote MCP servers

packages/opencode/src/cli/cmd/mcp.ts

@@ -46,7 +46,7 @@ export const McpListCommand = cmd({
 
         for (const [name, serverConfig] of Object.entries(mcpServers)) {
           const status = statuses[name]
-          const hasOAuth = serverConfig.type === "remote" && !!serverConfig.oauth
+          const hasOAuth = serverConfig.type === "remote" && serverConfig.oauth !== false
           const hasStoredTokens = await MCP.hasStoredTokens(name)
 
           let statusIcon: string
@@ -108,20 +108,19 @@ export const McpAuthCommand = cmd({
         const config = await Config.get()
         const mcpServers = config.mcp ?? {}
 
-        // Get OAuth-enabled servers
-        const oauthServers = Object.entries(mcpServers).filter(([_, cfg]) => cfg.type === "remote" && !!cfg.oauth)
+        // Get remote servers that support OAuth (all remote servers unless oauth: false)
+        const oauthServers = Object.entries(mcpServers).filter(
+          ([_, cfg]) => cfg.type === "remote" && cfg.oauth !== false,
+        )
 
         if (oauthServers.length === 0) {
           prompts.log.warn("No OAuth-enabled MCP servers configured")
-          prompts.log.info("Add OAuth config to a remote MCP server in opencode.json:")
+          prompts.log.info("Add a remote MCP server in opencode.json:")
           prompts.log.info(`
   "mcp": {
     "my-server": {
       "type": "remote",
-      "url": "https://example.com/mcp",
-      "oauth": {
-        "scope": "tools:read"
-      }
+      "url": "https://example.com/mcp"
     }
   }`)
           prompts.outro("Done")
@@ -149,8 +148,8 @@ export const McpAuthCommand = cmd({
           return
         }
 
-        if (serverConfig.type !== "remote" || !serverConfig.oauth) {
-          prompts.log.error(`MCP server ${serverName} does not have OAuth configured`)
+        if (serverConfig.type !== "remote" || serverConfig.oauth === false) {
+          prompts.log.error(`MCP server ${serverName} has OAuth disabled`)
           prompts.outro("Done")
           return
         }

packages/plugin/package.json

@@ -24,4 +24,4 @@
     "typescript": "catalog:",
     "@typescript/native-preview": "catalog:"
   }
-}
+}

packages/sdk/js/package.json

@@ -29,4 +29,4 @@
   "publishConfig": {
     "directory": "dist"
   }
-}
+}

packages/web/src/content/docs/mcp-servers.mdx

@@ -186,14 +186,15 @@ If you have client credentials from the MCP server provider, you can configure t
       "url": "https://mcp.example.com/mcp",
       "oauth": {
         "clientId": "{env:MY_MCP_CLIENT_ID}",
-        "clientSecret": "{env:MY_MCP_CLIENT_SECRET}",
-        "scope": "tools:read tools:execute"
+        "clientSecret": "{env:MY_MCP_CLIENT_SECRET}"
       }
     }
   }
 }
 ```
 
+OAuth scopes are typically handled automatically during authorization. You don't need to specify them manually unless you need specific permissions.
+
 #### Disabling OAuth
 
 If you want to disable automatic OAuth for a server (e.g., for servers that use API keys instead), set `oauth` to `false`:
@@ -221,7 +222,7 @@ If you want to disable automatic OAuth for a server (e.g., for servers that use
 | `oauth`        | Object \| false |          | OAuth config object, or `false` to disable OAuth auto-detection.                 |
 | `clientId`     | String          |          | OAuth client ID. If not provided, dynamic client registration will be attempted. |
 | `clientSecret` | String          |          | OAuth client secret, if required by the authorization server.                    |
-| `scope`        | String          |          | OAuth scopes to request during authorization.                                    |
+| `scope`        | String          |          | OAuth scopes (handled automatically by default, only specify to override).       |
 
 #### Authenticating