Discovery Document.
The JSON document an OAuth / OIDC issuer publishes at /.well-known/openid-configuration listing its endpoints, supported algorithms, scopes, and other capabilities — what makes self-configuring OIDC clients possible.
The discovery document is the OIDC trump card over SAML. SAML requires uploading metadata XML or fetching it from a URL the customer has to host; OIDC discovery is paste-the-URL-and-go. The same primitive makes MCP server discovery work in agent systems — every MCP server publishes a discovery document; the agent reads it to learn the authentication surface.
Common questions
What is /.well-known/openid-configuration?
How does the discovery document enable auto-configuration?
Should the discovery document be cached?
Related terms
In the guides
MCP Server Identity Model: Authentication, Authorization, and Trust for the Model Context Protocol
Model Context Protocol is OAuth 2.1 with discovery. How MCP servers register, authenticate clients, scope access, and where the protocol leaves identity questions to the implementer.
OpenID Connect (OIDC) Explained: The Modern Identity Layer on OAuth 2.0
OIDC adds authentication and identity claims to OAuth 2.0. How discovery, ID tokens, and the standard scopes work, plus the pitfalls that bite implementers in production.