Issue

When trying to connect an external MCP client to Panther's Remote MCP Server using OAuth and dynamic client registration, the following error occurs:

[API_CLIENTS_ERROR] Dynamic client registration did not return a client_secret

Resolution

To resolve this issue:

1. Confirm that your MCP client application supports OAuth public clients — that is, clients that do not require a client_secret in the dynamic registration response.

2. If you control the MCP client application, update its OAuth dynamic client registration handling to gracefully handle responses where client_secret is absent and token_endpoint_auth_method is set to "none".

3. If you are the developer of the MCP client in question, update your registration handler to treat client_secret as optional per RFC 7591 §3.2.1.

Cause

This issue occurs because Panther's OAuth implementation follows RFC 7591 (OAuth 2.0 Dynamic Client Registration Protocol), which makes client_secret optional for public clients. Panther responds with token_endpoint_auth_method: "none", intentionally omitting the client_secret for public clients.

If the connecting MCP client expects a client_secret to always be present in the dynamic registration response and throws an error when it is absent, the connection will fail.