| Term | Definition |
|---|---|
| Access token | A temporary credential used to authenticate requests and authorize access to protected resources. |
| Agent | A software component that uses MCP tools to perform actions on behalf of a user based on prompts or instructions. |
| Authentication | The process of verifying identity before allowing access to a system or service. |
| Authorization | The process of determining which actions are permitted after identity is verified. |
| JWT (JSON Web Token) | A signed token format used to securely transmit authentication and authorization information. |
| MCP Client | An application or tool that connects to an MCP server using MCP. MCP clients send requests to the server and receive structured responses, enabling users to interact with data sources and services through natural language. Examples include developer tools such as Visual Studio Code, AI assistants such as Claude, and workflow automation platforms such as Flowise and LangGraph. |
| MCP tool | A server‑side operation that can be discovered and executed through the Model Context Protocol. |
| RBAC (Role-Based Access Control) | An authorization model that restricts actions based on assigned roles and permissions. |