# Credicorp — agent authentication & registration

> How an AI agent obtains OAuth 2.0 credentials to call Credicorp's **authenticated, read-only** Model Context Protocol (MCP) server. Every endpoint below is a `https://credicorp.co.uk` front-door route; requests are reverse-proxied to Credicorp's hub OAuth plane upstream. This document is served from [https://credicorp.co.uk/auth.md](https://credicorp.co.uk/auth.md).

## What you are authenticating to

- **Protected resource (the MCP):** `https://credicorp.co.uk/partner/mcp`
- **Transport:** streamable-http
- **Access:** strictly **read-only**, scope-gated. Application lookup, customer/loan summaries, ops-queue status, decisioning explainer, platform metrics and config review. No write, money-out or decisioning-override tool exists on this plane.

## OAuth 2.0 server

- **Issuer:** `https://credicorp.co.uk`
- **Authorization-server metadata (RFC 8414):** https://credicorp.co.uk/.well-known/oauth-authorization-server
- **Protected-resource metadata (RFC 9728):** https://credicorp.co.uk/.well-known/oauth-protected-resource
- **Token endpoint:** `https://credicorp.co.uk/oauth/token`
- **JWKS:** `https://credicorp.co.uk/oauth/jwks`
- **Introspection endpoint (RFC 7662):** `https://credicorp.co.uk/oauth/introspect`
- **Grant type:** `client_credentials` (machine-to-machine — there is no user-facing authorize step)
- **Client authentication:** `client_secret_basic` or `client_secret_post`

## Read-only scopes

Request only the scopes your agent needs. All scopes on this plane are read-only:

- `mcp:read`
- `applications:read`
- `customers:read`
- `loans:read`
- `ops:read`
- `decisioning:read`
- `metrics:read`
- `config:read`

## How staff and the owner get a client

1. **Request a client.** Credicorp staff and the owner request a partner OAuth client (client_id + client_secret) and the read-only scopes the agent needs via https://credicorp.co.uk/contact/. Clients are issued by the platform owner on the hub — they are not self-service and are not granted to third parties.
2. **Obtain a token.** Exchange the client credentials at the token endpoint:

   ```http
   POST https://credicorp.co.uk/oauth/token
   Content-Type: application/x-www-form-urlencoded
   Authorization: Basic base64(client_id:client_secret)

   grant_type=client_credentials&scope=mcp:read+applications:read
   ```

   The response is a short-lived bearer access token (`token_type: Bearer`).
3. **Call the MCP.** Send the token as a bearer header to the protected resource:

   ```http
   POST https://credicorp.co.uk/partner/mcp
   Authorization: Bearer <access_token>
   Content-Type: application/json
   ```
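A small client that carries out steps 2 and 3 above, added here as an example and not Credicorp's own code: it builds the `client_secret_basic` header as RFC 6749 requires (form-encode, then base64), URL-encodes the scope list, refuses non-read-only scopes and unrequested grants, tracks expiry, and produces the bearer header for the MCP call. Client id, secret and the token JSON used to exercise it are constructed samples, not real credentials.

```python
import base64
import json
from dataclasses import dataclass
from urllib.parse import quote_plus, urlencode

TOKEN_ENDPOINT = "https://credicorp.co.uk/oauth/token"
MCP_ENDPOINT = "https://credicorp.co.uk/partner/mcp"
READ_ONLY_SCOPES = {"mcp:read", "applications:read", "customers:read", "loans:read",
                    "ops:read", "decisioning:read", "metrics:read", "config:read"}

def basic_auth_header(client_id: str, client_secret: str) -> str:
    # RFC 6749 s2.3.1: form-urlencode id and secret *before* base64, so a secret
    # containing ':' or '%' still round-trips at the token endpoint.
    raw = f"{quote_plus(client_id)}:{quote_plus(client_secret)}"
    return "Basic " + base64.b64encode(raw.encode()).decode()

def build_token_request(client_id: str, client_secret: str, scopes: list) -> tuple:
    # Refuse anything outside the read-only scope list before it leaves the agent.
    unknown = set(scopes) - READ_ONLY_SCOPES
    if unknown:
        raise ValueError(f"not a read-only scope on this plane: {sorted(unknown)}")
    headers = {"Content-Type": "application/x-www-form-urlencoded",
               "Authorization": basic_auth_header(client_id, client_secret)}
    # scope is a space-separated list; urlencode writes the space as '+'.
    body = urlencode({"grant_type": "client_credentials", "scope": " ".join(scopes)})
    return headers, body

@dataclass(frozen=True)
class Token:
    access_token: str
    granted_scopes: frozenset
    expires_at: float

    def usable(self, now: float, skew: float = 30.0) -> bool:
        # Re-fetch a little early rather than hit a 401 mid-call.
        return now + skew < self.expires_at

def parse_token_response(raw: str, requested: list, now: float) -> Token:
    data = json.loads(raw)
    if data.get("token_type", "").lower() != "bearer":
        raise ValueError("expected token_type Bearer")
    granted = frozenset(data.get("scope", " ".join(requested)).split())
    if not granted <= set(requested):  # never silently accept more than was asked for
        raise ValueError(f"unrequested scopes granted: {sorted(granted - set(requested))}")
    return Token(data["access_token"], granted, now + float(data["expires_in"]))

def mcp_headers(token: Token) -> dict:
    # Headers for POST MCP_ENDPOINT (streamable-http, JSON body).
    return {"Authorization": f"Bearer {token.access_token}", "Content-Type": "application/json"}
```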

## Related discovery documents

- **Authorization-server metadata:** https://credicorp.co.uk/.well-known/oauth-authorization-server
- **Protected-resource metadata:** https://credicorp.co.uk/.well-known/oauth-protected-resource
- **API catalog (RFC 9727):** https://credicorp.co.uk/.well-known/api-catalog
- **Agent skills index:** https://credicorp.co.uk/.well-known/agent-skills/index.json
- **Public MCP server card:** https://credicorp.co.uk/.well-known/mcp/server-card.json
- **Agent discovery:** https://credicorp.co.uk/.well-known/agents.json
