> ## Documentation Index
> Fetch the complete documentation index at: https://www.truefoundry.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Get MCP server auth status for a subject

> Returns the effective per-subject auth status for an MCP server. Permissions: callers with `MANAGE_MCP_SERVER` (MCP managers) may query any subject; other callers may only query their own subject.



## OpenAPI

````yaml /openapi.json get /api/svc/v1/mcp/{mcpServerId}/auth/status
openapi: 3.1.0
info:
  title: TrueFoundry API
  description: API for TrueFoundry
  version: 0.1.0
  contact: {}
servers:
  - url: https://{controlPlaneURL}
    variables:
      controlPlaneURL:
        default: app.truefoundry.com
        description: Control Plane URL
security: []
tags:
  - name: Agent
  - name: Agent Skills
  - name: Applications
  - name: Metrics
  - name: Apply
  - name: Artifacts
  - name: Audit Logs
  - name: Clusters
  - name: Jobs
  - name: Logs
  - name: MCP Servers V2
  - name: MLRepos
  - name: Model Deployments
  - name: Models
  - name: Personal Access Tokens
  - name: Prompts
  - name: Provider Integrations
  - name: SCIM v2
  - name: Secret Groups
  - name: Secrets
  - name: Teams
  - name: Traces
  - name: Users
  - name: Virtual Accounts
  - name: Role Bindings
  - name: Workspaces
paths:
  /api/svc/v1/mcp/{mcpServerId}/auth/status:
    get:
      tags:
        - MCP Servers V2
      summary: Get MCP server auth status for a subject
      description: >-
        Returns the effective per-subject auth status for an MCP server.
        Permissions: callers with `MANAGE_MCP_SERVER` (MCP managers) may query
        any subject; other callers may only query their own subject.
      operationId: MCPServerV2.getAuthStatus
      parameters:
        - name: mcpServerId
          required: true
          in: path
          description: MCP server id (the `id` returned by `GET /v1/mcp`, not the `name`).
          schema:
            example: mcp-01HXYZ...
            type: string
        - name: subjectId
          required: true
          in: query
          description: Target subject id.
          schema:
            type: string
        - name: subjectType
          required: true
          in: query
          description: Subject type for the target principal.
          schema:
            type: string
            enum:
              - user
              - virtualaccount
              - external-identity
      responses:
        '200':
          description: Per-subject auth status for the MCP server.
          content:
            application/json:
              schema:
                oneOf:
                  - $ref: '#/components/schemas/MCPServerAuthStatusAuthenticated'
                  - $ref: '#/components/schemas/MCPServerAuthStatusAuthRequired'
                  - $ref: '#/components/schemas/MCPServerAuthStatusAuthNotRequired'
        '403':
          description: >-
            Caller is not an MCP manager for this server (required when querying
            another subject).
        '404':
          description: MCP server not found.
      security:
        - jwt: []
components:
  schemas:
    MCPServerAuthStatusAuthenticated:
      type: object
      properties:
        status:
          type: string
          enum:
            - authenticated
            - authentication_required
            - authentication_not_required
        method:
          type: string
          enum:
            - oauth
            - auth-override
          description: Authentication source that satisfied this status.
          nullable: true
      required:
        - status
      title: MCPServerAuthStatusAuthenticated
      x-fern-type-name: MCPServerAuthStatusAuthenticated
    MCPServerAuthStatusAuthRequired:
      type: object
      properties:
        status:
          type: string
          enum:
            - authenticated
            - authentication_required
            - authentication_not_required
        method:
          type: string
          enum:
            - oauth
            - auth-override
          description: Authentication source that satisfied this status.
          nullable: true
        reason:
          type: string
          description: >-
            Why the subject has authentication required status (e.g.
            `refresh_failed`, `invalid_grant`).
          example: User needs to complete the OAuth2 authorization flow.
          nullable: true
      required:
        - status
      title: MCPServerAuthStatusAuthRequired
      x-fern-type-name: MCPServerAuthStatusAuthRequired
    MCPServerAuthStatusAuthNotRequired:
      type: object
      properties:
        status:
          type: string
          enum:
            - authenticated
            - authentication_required
            - authentication_not_required
        reason:
          type: string
          description: >-
            Why per-subject auth is not applicable for this server
            configuration.
          example: This MCP server has no authentication configured.
      required:
        - status
        - reason
      title: MCPServerAuthStatusAuthNotRequired
      x-fern-type-name: MCPServerAuthStatusAuthNotRequired
  securitySchemes:
    jwt:
      type: http
      scheme: bearer
      bearerFormat: JWT

````