Set up authentication to Google and Google Cloud MCP servers

Most Google and Google Cloud Model Context Protocol (MCP) servers require authentication. You can authenticate using your own credentials or create separate credentials for your application. Depending on what your application supports, there are different methods of providing your credentials that require some configuration. The best method depends on how you plan to use the MCP server and which authentication methods your application supports.

This document describes how to configure your application to authenticate to Google and Google Cloud MCP servers. For more information about authentication, see Authenticate to Google and Google Cloud MCP servers.

Limitations

Google and Google Cloud remote MCP servers don't support Dynamic Client Registration or OAuth Client ID Metadata Documents.

Before you begin

  1. Enable the products that you want to use through MCP in your Google Cloud project.

  2. Ensure that you, or the agent you're using to authenticate to the MCP server, have the required roles and permissions to make MCP calls and access the Google or Google Cloud resources.

Required roles

To get the permission that you need to make MCP tool calls, ask your administrator to grant you the MCP Tool User (roles/mcp.toolUser) IAM role on Google Cloud project. For more information about granting roles, see Manage access to projects, folders, and organizations.

This predefined role contains the mcp.tools.call permission, which is required to make MCP tool calls.

You might also be able to get this permission with custom roles or other predefined roles.

To access Google and Google Cloud products through MCP, you or your agent must have the required permissions on the accessed resources. See the MCP server's product documentation for the required roles for specific actions.

Authentication methods

Most applications that can connect to MCP servers offer a way to add authentication, but not all Google authentication methods are supported by all applications. The following table lists some common authentication methods and when you might want to use them. Read the documentation for the application that you're using to determine which of these authentication methods are supported.

Authentication type Use cases
Application Default Credentials (ADC) Connecting from a Google-owned application like Antigravity, or a third-party application that supports ADC like Visual Studio Code, or from an application running on Google infrastructure.
OAuth 2.0 Client ID and secret Connecting from a Google-owned or third-party application.
Authorization header and OAuth 2.0 token Connecting from a Google-owned or third-party application using an OAuth 2.0 bearer token or an API key. This method has better security than using a client ID and secret, but OAuth tokens must be refreshed regularly.

Authentication identities

You can use the following identities to authenticate to Google and Google Cloud MCP servers:

If the principal you're using doesn't have the permissions that you need to accomplish your task, or if you want to use a service account in a development environment, then you can use service account impersonation.

Authenticate with Application Default Credentials

Some Google MCP clients use ADC automatically and might not require all the instructions in this section. For example, Antigravity authentication doesn't require using the authorization header. Read your application's authentication instructions to determine if it supports ADC, and how to configure it.

How you set up Application Default Credentials (ADC) depends on the environment where your code is running. The following instructions show you how to set up ADC using the Google Cloud CLI and your user identity for a local development environment. For more information about ADC for different environments, see Set up Application Default Credentials.

  1. Set up ADC for your local environment.

  2. Generate an application default token by running the following command:

    gcloud auth application-default print-access-token
    
  3. In your application's configuration file, add the following to your MCP server entry:

    "headers": {
      "Authorization": "Bearer TOKEN",
      "x-goog-user-project": "PROJECT_ID"
    }
    

    Replace the following:

    • TOKEN: the application default token.
    • PROJECT_ID: your project ID.

    The following example shows an MCP server entry that uses ADC for authentication to the Cloud Run MCP server:

    {
      "servers": [
        {
          "name": "My Cloud Run MCP Server",
          "uri": "https://run.googleapis.com/mcp",
          "headers": {
            "Authorization": "Bearer abCdeFghIj1234567890abCDEFghIJ0987654321az",
            "x-goog-user-project": "my-project"
          }
        }
      ]
    }
    

Authenticate with an OAuth 2.0 client ID and secret

You can create an OAuth 2.0 client ID and client secret to permit your AI application to authenticate to Google and Google Cloud remote MCP servers. When configured, the AI application can access resources that the authenticated user has access to, within the scopes that the user has authorized. This is achieved through OAuth tokens, so the actual user credentials are never shared with or stored in the AI application.

Depending on what kind of application you're using to send MCP requests, you'll need to select a Desktop or Web application client ID. Generally, if your application runs on your machine, then select Desktop. If you access your application through the internet, then select Web.

Create an OAuth 2.0 client ID and secret

To create a client ID and secret, complete the following steps for the type of client ID you want to create:

Web

Before creating a client ID for your web application, you need the following information:

  • REDIRECT_URL: The application redirect URL. The OAuth 2.0 server sends responses to this URL, and the user is redirected to it after they have authenticated with Google. Your application's documentation should provide the redirect URL. Custom redirect URLs aren't supported.
  • AUTHORIZED_JS_ORIGINS: The authorized JavaScript origins. Applications that use client-side JavaScript to access Google's APIs must specify the authorized JavaScript Origins. The origins identify the domains from which the application sends API requests. For more information, see Web applications.

Create a client ID for a web application

  1. In the Google Cloud console, go to Google Auth Platform > Clients > Create client.

    Go to Create client

    You are prompted to create a project if you don't have one selected.

  2. In the Application type list, select Web application.

  3. In the Name field, enter a name for your application.

  4. In the Authorized JavaScript origins section, click + Add URI, and then enter AUTHORIZED_JS_ORIGINS in the URIs field.

  5. In the Authorized redirect URIs section, click + Add URI, and then enter REDIRECT_URL in the URIs field.

  6. Click Create. The client is created.

    The OAuth 2.0 client created dialog opens.

  7. In the Client secrets section, copy the Client secret and save it in a secure place. You can only copy it once. If you lose it, delete the secret and create a new one.

Desktop

  1. In the Google Cloud console, go to Google Auth Platform > Clients > Create client.

    Go to Create client

    You are prompted to create a project if you don't have one selected.

  2. In the Application type list, select Desktop app.

  3. In the Name field, enter a name for your application.

  4. Click Create. The client is created.

    The OAuth 2.0 client created dialog opens.

  5. In the Client secrets section, copy the Client secret and save it in a secure place. You can only copy it once. If you lose it, delete the secret and create a new one.

For more information about OAuth 2.0 credentials, read Obtain OAuth 2.0 credentials from the Google API Console.

Add the client ID to your MCP server configuration

In your application's configuration file, add the following to your MCP server entry:

"oauth": {
  "clientId": "OAUTH_CLIENT_ID",
  "clientSecret": "OAUTH_CLIENT_SECRET",
  "scopes": ["SCOPE_1", "SCOPE_2"],
  "callbackPort": CALLBACK_PORT
  }

Replace the following:

  • OAUTH_CLIENT_ID: the OAuth 2.0 client ID.
  • OAUTH_CLIENT_SECRET: the OAuth 2.0 client secret.
  • SCOPE_1, SCOPE_2: the scopes needed to use the MCP server. To see what scopes are required, read the documentation for the MCP server you're configuring.
  • CALLBACK_PORT: the redirect URI or port that the user is sent to after authentication. Check the documentation for your application to determine the correct redirect URI.

The following example configures the Cloud Run MCP server with a read-only scope in Antigravity using a client ID and secret, and Antigravity's callback URI, https://antigravity.google/oauth-callback:

{
  "mcpServers": {
    "oauth-server": {
      "serverUrl": "https://run.googleapis.com/mcp",
      "oauth": {
        "clientId": "1234567890abcdefgh.apps.googleusercontent.com",
        "clientSecret": "${MY_OAUTH_CLIENT_SECRET}",
        "scopes": ["https://www.googleapis.com/auth/run.readonly"],
        "callbackPort": "https://antigravity.google/oauth-callback"
      }
    }
  }
}

Authenticate with an Authorization header

You can use an OAuth 2.0 Authorization header to authenticate with an OAuth 2.0 bearer token or an API key.

Authenticate with a bearer token

By default, bearer tokens expire after 1 hour. You can extend the lifetime of a token up to 12 hours by passing the --lifetime flag when you create the token. For more information about bearer tokens, see gcloud auth print-access-token.

  1. Create a bearer token with the Google Cloud CLI:

    gcloud auth print-access-token
    
  2. In your application's configuration file, add the following to your MCP server entry:

    "headers": {
      "Authorization": "Bearer TOKEN",
      "x-goog-user-project": "PROJECT_ID"
    }
    

    Replace the following:

    • TOKEN: your bearer token.
    • PROJECT_ID: your project ID.

    The following example shows an MCP server entry that uses an OAuth 2.0 bearer token for authentication to the Cloud Run MCP server:

    {
      "servers": [
        {
          "name": "My Cloud Run MCP Server",
          "uri": "https://run.googleapis.com/mcp",
          "headers": {
            "Authorization": "Bearer nYkwroEYjN4Fw1TTNhe69F4rR6o9bvrR1P4U1l0DVq9p81sN0",
            "x-goog-user-project": "my-project"
          }
        }
      ]
    }
    

Authenticate with an API Key

Standard API keys can only be used to authenticate to services that don't require a principal.

Services that don't require a principal can use API keys for authentication.

To create an API key for an AI application, do the following:

  1. In the Google Cloud console, go to the APIs & Services > Credentials page.

    Go Credentials

  2. Click Create credentials and then select API key.

  3. In the API key created dialog, click Edit API key.

    1. Edit the API key Application restrictions. Application restrictions limit an API key's usage to specific websites, IP addresses, Android applications, or iOS applications. You can set one application restriction per key.
    2. Edit the API key API restrictions. API restrictions specify the enabled APIs that the key can call.
  4. Click Save.

  5. In your application's configuration file, add the following to your MCP server entry:

    "headers": {
      "X-Goog-Api-Key": GOOGLE_API_KEY
    }
    

    Replace GOOGLE_API_KEY with the API key that has the required application and API restrictions.

    The following example configures the Maps Grounding Lite MCP server with an API key in Antigravity:

    {
      "mcpServers": {
        "my-remote-server": {
          "serverUrl": "https://mapstools.googleapis.com/mcp",
          "headers": {
            "X-Goog-Api-Key": "EXAMPLE_API_KEY_VALUE"
          }
        }
      }
    }
    

To keep your API key secure, follow the best practices for securely using API keys.

What's next