> ## Documentation Index
> Fetch the complete documentation index at: https://www.truefoundry.com/llms.txt
> Use this file to discover all available pages before exploring further.

# List MCP user auth overrides

> Lists every per-subject **auth override** installed on the server. Permissions: callers with `MANAGE_MCP_SERVER` (MCP managers) see overrides for every subject; other callers only see their own.



## OpenAPI

````yaml /openapi.json get /api/svc/v1/mcp/{mcpServerId}/auth
openapi: 3.1.0
info:
  title: TrueFoundry API
  description: API for TrueFoundry
  version: 0.1.0
  contact: {}
servers:
  - url: https://{controlPlaneURL}
    variables:
      controlPlaneURL:
        default: app.truefoundry.com
        description: Control Plane URL
security: []
tags:
  - name: Agent
  - name: Agent Skills
  - name: Applications
  - name: Metrics
  - name: Apply
  - name: Artifacts
  - name: Audit Logs
  - name: Clusters
  - name: Jobs
  - name: Logs
  - name: MCP Servers V2
  - name: MLRepos
  - name: Model Deployments
  - name: Models
  - name: Personal Access Tokens
  - name: Prompts
  - name: Provider Integrations
  - name: SCIM v2
  - name: Secret Groups
  - name: Secrets
  - name: Teams
  - name: Traces
  - name: Users
  - name: Virtual Accounts
  - name: Role Bindings
  - name: Workspaces
paths:
  /api/svc/v1/mcp/{mcpServerId}/auth:
    get:
      tags:
        - MCP Servers V2
      summary: List MCP user auth overrides
      description: >-
        Lists every per-subject **auth override** installed on the server.
        Permissions: callers with `MANAGE_MCP_SERVER` (MCP managers) see
        overrides for every subject; other callers only see their own.
      operationId: MCPServerV2.listMCPUserAuth
      parameters:
        - name: mcpServerId
          required: true
          in: path
          description: MCP server id (the `id` returned by `GET /v1/mcp`, not the `name`).
          schema:
            example: mcp-01HXYZ...
            type: string
        - name: limit
          required: false
          in: query
          description: Number of items per page
          schema:
            minimum: 1
            maximum: 1000
            nullable: true
            default: 100
            example: 10
            type: integer
        - name: offset
          required: false
          in: query
          description: Number of items to skip
          schema:
            minimum: 0
            nullable: true
            default: 0
            example: 0
            type: integer
      responses:
        '200':
          description: Paginated list of per-subject auth overrides.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ListMCPUserAuthResponse'
        '404':
          description: MCP server not found.
      security:
        - jwt: []
components:
  schemas:
    ListMCPUserAuthResponse:
      type: object
      properties:
        data:
          description: >-
            Per-subject auth override rows for the MCP server. Contains redacted
            `authData` values.
          type: array
          items:
            $ref: '#/components/schemas/MCPUserAuthListItemDtoV2'
        pagination:
          description: Pagination metadata for the returned page.
          allOf:
            - $ref: '#/components/schemas/Pagination'
      required:
        - data
        - pagination
      title: ListMCPUserAuthResponse
      x-fern-type-name: ListMCPUserAuthResponse
    MCPUserAuthListItemDtoV2:
      type: object
      properties:
        subjectId:
          type: string
          description: Principal id for this auth row (user id, virtual account id, etc.).
        subjectType:
          type: string
          enum:
            - user
            - virtualaccount
            - external_identity
            - oauth_code
            - '*'
            - org
          description: Subject type for this auth row.
        authSource:
          type: string
          enum:
            - oauth
            - auth-override
          description: Source of the auth record.
        authData:
          type: object
          description: Redacted auth data.
        updatedBySubject:
          description: Subject that last updated this auth record.
          nullable: true
          allOf:
            - $ref: '#/components/schemas/Subject'
        updatedAt:
          format: date-time
          type: string
          description: Timestamp of the last update to this auth record.
      required:
        - subjectId
        - subjectType
        - authSource
        - authData
        - updatedAt
      title: MCPUserAuthListItemDtoV2
      x-fern-type-name: MCPUserAuthListItemDtoV2
    Pagination:
      type: object
      properties:
        total:
          type: integer
          description: Total number of items
          example: 100
        offset:
          type: integer
          description: Number of items skipped
          example: 0
          nullable: true
        limit:
          type: integer
          description: Number of items per page
          example: 10
          nullable: true
      required:
        - total
      title: Pagination
      x-fern-type-name: Pagination
    Subject:
      type: object
      properties:
        subjectId:
          type: string
          description: Subject ID
        subjectType:
          description: Subject type
          allOf:
            - $ref: '#/components/schemas/SubjectType'
        subjectSlug:
          type: string
          description: Subject slug
          nullable: true
        subjectDisplayName:
          type: string
          description: Subject display name
          nullable: true
        subjectPatName:
          type: string
          description: Subject PAT name
          nullable: true
        subjectControllerName:
          type: string
          nullable: true
        subjectExternalIdentitySlug:
          type: string
          description: External identity slug (external_identity_id:sub:email)
          nullable: true
      required:
        - subjectId
        - subjectType
      title: Subject
      x-fern-type-name: Subject
    SubjectType:
      type: string
      enum:
        - user
        - team
        - serviceaccount
        - virtualaccount
        - external-identity
        - agent-identity
        - role
      description: >-
        Type of the authenticated subject. "user" for human users,
        "serviceaccount" (also known as virtual account) for programmatic
        access.
      title: SubjectType
      x-fern-type-name: SubjectType
  securitySchemes:
    jwt:
      type: http
      scheme: bearer
      bearerFormat: JWT

````