All releases
Auxot Server v0.1.42 June 26, 2026

MCP OAuth 2.1, Slack thread improvements, and auth UX overhaul

Adds MCP OAuth 2.1 support with a unified connection form and curated catalog, fixes several Slack threading bugs, and standardizes Basic auth encoding across all credential sources.


Features

  • MCP OAuth 2.1 and unified connection form: Added OAuth 2.1 support for MCP connections alongside a redesigned unified connection form. Credentials can now be assigned directly to agents from the connection UI.
  • Curated MCP catalog: Introduced a structured MCP service catalog with pre-configured auth metadata, making it faster to connect to common services.
  • Auth prefix dropdown with Basic base64 encoding: HTTP header rows now include an auth prefix dropdown that automatically base64-encodes user:password pairs for Basic auth.
  • Slack get_thread with branch filtering: get_thread now returns the last N messages and supports filtering by from_external_id to scope results to a specific conversation branch.
  • Synthetic assistant messages for handled Slack mentions: Already-handled Slack mentions now inject a synthetic assistant message into the thread context so agents have accurate conversation history.

Fixes

  • Basic auth encoding is now always server-side: Basic auth base64 encoding happens at credential resolution time on the server for all credential sources, preventing double-encoding and client-side inconsistencies.
  • Atlassian MCP auth corrected: Fixed Atlassian MCP connections to use Basic base64(email:token) format as required by the Rovo MCP spec.
  • Slack DM replies no longer buried in stale sub-threads: Fixed an issue where DM replies were being routed into outdated sub-threads instead of the active conversation.
  • Slack per-mention thread ID protected from stamp overwrite: The external thread ID set per-mention is no longer overwritten by later timestamp stamps.
  • Slack trigger message seeding and false self-injection suppressed: Eliminated spurious self-injection and trigger message seeding that caused agents to process their own messages.
  • MCP inline resource text extraction: Fixed extraction of inline resource.text content for all URI schemes, ensuring resource responses are correctly parsed.