Enabling OAuth

Typically OAuth is used to allow an identity provider (such as Microsoft or Google) to provide/enable logins to other sites (perhaps to a sports site). In this case, OAuth is being used to allow an AI to login to an MCP server, and since many of them support OAuth, PA File Sight can enable an internal OAuth server to support such logins.

Notes about logging in to the MCP server can be found here. Note that logins from AI into the MCP server happen as a user account that you setup, and requests are restricted by whatever that user account is allowed to access.

The OAuth server is disabled by default. Further, even when enabled, it is only capable of allowing logins to the PA File Sight installation where the user account exists.

To enable the OAuth server, set:

In addition, you are probably using OAuth to enable the MCP server to be accessed from the Internet (Cloud AI). With that in mind, the AI service will be given your publically accessible HTTPS server host and port. These need to be set in the following registry entries:

For example, if your MCP server will be publically accessible at:
https://www.contoso.com:81

then you would set:
MCP_OAuthIssuerURL = https://www.contoso.com:81

Note: This must match the public host:port that is used to access your HKEY_LOCAL_MACHINE\software\PAFileSight web interface.