We are testing Custom MCP with OAuth for a multi-tenant SaaS use case.
Observed behavior: after one admin completes the OAuth flow, all Fin conversations appear to call our MCP server with the same OAuth token, even when the current conversation belongs to another customer/account.
Can you confirm:
- Is Custom MCP OAuth stored at the Intercom workspace / connector level?
- Does Intercom support per-contact or per-company OAuth grants for Custom MCP?
- Can Fin trigger an OAuth authorization flow for the current end customer during a conversation?
- Can Custom MCP tools receive Intercom User Tokens from
auth_tokens, or are User Tokens only supported by standard Data connectors? - Does every MCP tool call include a stable Intercom workspace/contact/company identifier in metadata or only via configured tool input parameters?
- Is there a supported way to send a dynamic Authorization header per current Messenger user for Custom MCP?
- If not, is the recommended design to use standard Data connectors with User tokens for customer-specific authenticated data?