Hugging Face's logo

Spaces:
MCP-1st-Birthday
/
HR-Assistant
Running

App Files Community
12
HR-Assistant / secrets /auth_flow.md
owenkaplinsky
Clean initial commit for HuggingFace
363cda9
preview code
|
raw
history blame contribute delete
828 Bytes

πŸ” Google MCP Auth Flow Summary

  • credentials.json β†’ App credentials (downloaded once from Google Cloud Console).
  • token.json β†’ User-specific OAuth token (auto-created on first run).

βš™οΈ When & How It Happens

  1. At MCP startup:
    The script loads credentials.json (OAuth client info).
  2. If no valid token.json:
    • Browser-based OAuth flow starts.
    • You log in and grant access.
    • A new token.json is saved locally.
  3. On later runs:
    • The MCP reads the existing token.json.
    • Automatically refreshes it if expired.
    • No browser prompt needed.

🚫 Git Hygiene

  • ❌ Never commit token.json to Git.
  • πŸ‘€ Each developer generates their own token.
  • πŸ–₯️ For servers or CI β†’ use a service account instead.