OAuth 2.0 Intergration

MCP Server OAuth 2.0 Integration

Overview

Paytm MCP Server uses OAuth 2.0 to securely connect AI clients to your Paytm merchant account. Instead of sharing API keys directly with AI tools, OAuth lets you log in through Paytm's secure authorization page and grant access so your credentials stay with Paytm, never with the AI client.

While using client like Cursor or VS Code to connect to Paytm MCP Server:

The client redirects to Paytm's merchant dashboard login.
Log in with merchant credentials. Enter OTP.
Review and authorize the client to access different tools
Redirected back to the client connected and ready to use

No API keys to copy-paste. No secrets to manage. Just log in and authorize.

Benefits

Credentials stay secure	API keys and secrets are never shared with or stored by the client
Granular permissions	Control exactly what the AI client can access on your behalf
Temporary access	Temporary tokens replace long-lived credentials. Tokens expire automatically, limiting exposure.
Revocable anytime	Disconnect any AI client whenever you want

Dynamic Client Registration (DCR)

Paytm MCP Server supports Dynamic Client Registration (DCR), which means clients can register itselves automatically when connecting for the first time. Merchants don't need to manually create credentials or configure client IDs the AI tool handles the registration in the background as part of the standard MCP connection flow.