Selora AI MCP Server: OAuth 2.0 Authentication
Bring OAuth 2.0 authentication to the Selora AI MCP server for secure Home Assistant connections, replacing manual long-lived tokens.
Summary
Add OAuth 2.0 authentication to the Selora AI MCP server so that external MCP clients (e.g. Claude Desktop, Cursor) can connect securely to a user’s Home Assistant instance. This replaces the current manual long-lived token workflow with a standard OAuth 2.0 authorization code flow using short-lived, automatically refreshed tokens.
Value
- Improved UX: Users no longer need to navigate Home Assistant settings to manually generate and copy long-lived tokens. For SeloraBox users, connecting is a one-click experience — the OAuth flow is pre-configured out of the box.
- Enhanced Security: Short-lived tokens with automatic refresh reduce the risk associated with token theft or accidental sharing.
- Standardized Auth: Aligns with industry best practices (RFC 6749, PKCE) for third-party integrations.
- Revocability: Users can revoke Selora AI access directly from Home Assistant without hunting for stale tokens.
Scope
- OAuth 2.0 Implementation: Support for authorization code flow with PKCE (RFC 7636).
- Token Management: Secure storage and automatic refreshing of access tokens.
- MCP Server Integration: Update the Selora AI MCP server to handle OAuth-based authentication with Home Assistant.
- User Interface: Simple “Connect to Home Assistant” button in the MCP client.
Target customers
- Homeowners (ease of setup and security)
- Developers (standardized integration pattern)
Dependencies
- Selora Smart Agent (Epic #5): GitLab epic #5
- Infrastructure (Epic #7): GitLab epic #7
Last modified April 8, 2026: Update OAuth 2.0 roadmap item to clarify MCP server scope (006f01b)