> ## Documentation Index
> Fetch the complete documentation index at: https://www.truefoundry.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Disconnect a subject from an MCP server

> Deletes a subject's OAuth token or admin-installed per-subject credential override for an MCP server. Permissions: callers with `MANAGE_MCP_SERVER` (MCP managers) may revoke any supported subject; other callers may only revoke their own auth.



## OpenAPI

````yaml /openapi.json delete /api/svc/v1/mcp/{mcpServerId}/auth
openapi: 3.1.0
info:
  title: TrueFoundry API
  description: API for TrueFoundry
  version: 0.1.0
  contact: {}
servers:
  - url: https://{controlPlaneURL}
    variables:
      controlPlaneURL:
        default: app.truefoundry.com
        description: Control Plane URL
security: []
tags:
  - name: Agent
  - name: Agent Skills
  - name: Applications
  - name: Metrics
  - name: Apply
  - name: Artifacts
  - name: Audit Logs
  - name: Clusters
  - name: Jobs
  - name: Logs
  - name: MCP Servers V2
  - name: MLRepos
  - name: Model Deployments
  - name: Models
  - name: Personal Access Tokens
  - name: Prompts
  - name: Provider Integrations
  - name: SCIM v2
  - name: Secret Groups
  - name: Secrets
  - name: Teams
  - name: Traces
  - name: Users
  - name: Virtual Accounts
  - name: Role Bindings
  - name: Workspaces
paths:
  /api/svc/v1/mcp/{mcpServerId}/auth:
    delete:
      tags:
        - MCP Servers V2
      summary: Disconnect a subject from an MCP server
      description: >-
        Deletes a subject's OAuth token or admin-installed per-subject
        credential override for an MCP server. Permissions: callers with
        `MANAGE_MCP_SERVER` (MCP managers) may revoke any supported subject;
        other callers may only revoke their own auth.
      operationId: MCPServerV2.deleteMCPUserAuth
      parameters:
        - name: mcpServerId
          required: true
          in: path
          description: MCP server id (the `id` returned by `GET /v1/mcp`, not the `name`).
          schema:
            example: mcp-01HXYZ...
            type: string
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DeleteMCPServerAuthBodyDto'
      responses:
        '200':
          description: Auth record deleted.
        '403':
          description: >-
            Caller is not an MCP manager for this server (required when deleting
            another subject's auth).
        '404':
          description: MCP server not found, or no matching auth record exists.
      security:
        - jwt: []
components:
  schemas:
    DeleteMCPServerAuthBodyDto:
      type: object
      properties:
        authSource:
          type: string
          enum:
            - oauth
            - auth-override
          description: >-
            Which auth record to delete. `oauth` revokes the subject's OAuth
            tokens; `auth-override` removes the admin-installed per-subject
            credential override.
        subjectId:
          type: string
          description: Target subject id whose auth record should be deleted.
        subjectType:
          type: string
          enum:
            - user
            - virtualaccount
          description: >-
            Subject type for the target principal. Delete is currently only
            supported for `user` and `virtualaccount` subjects.
      required:
        - authSource
        - subjectId
        - subjectType
      title: DeleteMCPServerAuthBodyDto
      x-fern-type-name: DeleteMCPServerAuthBodyDto
  securitySchemes:
    jwt:
      type: http
      scheme: bearer
      bearerFormat: JWT

````