Saved February 14, 2026
This article explains the authentication and authorization processes for Model Context Protocol (MCP) servers, focusing on the transport methods used, particularly standard input/output and streamable HTTP. It details how to secure remote MCP servers using OAuth 2.1 and emphasizes the importance of proper authorization for different types of clients.
Model Context Protocol (MCP) is a new standard for communication between AI agents and services, allowing agents to perform tasks by interacting with MCP servers. The protocol has undergone several revisions, with the relevant versions for authorization being from March, June, and November 2025. This article focuses primarily on the November 2025 version, which introduces mechanisms for authentication and authorization at the transport layer. Two transport technologies are currently in use: Standard Input/Output (stdio) and Streamable HTTP, with the latter being more complex due to its reliance on OAuth 2.1 for security.
In the stdio transport, the MCP server operates locally, making authentication unnecessary since the server runs as a subprocess of the client. Configuration happens through environment variables, allowing for some level of authorization, such as API keys. In contrast, Streamable HTTP supports remote MCP servers, which often require a more robust authentication process. These servers utilize OAuth 2.1, where the MCP client acts as an OAuth client, and the MCP server serves as a resource server. The authorization server authenticates the MCP client and issues a token that the client presents to the MCP server for validation.
The article highlights that while some remote MCP servers may not require authentication, most do, especially if they allow clients to perform actions. An important aspect of security involves managing how the MCP server handles requests on behalf of the client, especially differentiating between admin and non-admin users. For effective implementation, the article suggests using Token Exchange to generate new tokens that reflect both the client and server attributes when accessing downstream resources. The choice of authentication and authorization schemes is critical, and the MCP specification prohibits the passing through of tokens if alternative methods are selected.
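As an added illustration of the flow summarized above (not code from the article or from any MCP implementation), the following constructed Python model shows the three roles: an authorization server issuing tokens, the MCP server acting as a resource server that validates the token's audience, expiry and scope (distinguishing admin from non-admin callers), and an RFC 8693 token exchange that mints a new downstream token carrying both the user and the MCP server as actor instead of passing the client's token through. The HMAC-signed token format, the shared key, and the resource identifiers are demo assumptions, not real JWTs or real endpoints.

```python
import base64, hashlib, hmac, json, time

# Constructed demo values; in practice the AS signs with its own key and the MCP
# server only verifies (e.g. via JWKS). Assumed identifiers, not real endpoints.
AS_KEY = b"demo-authorization-server-key"
MCP_RESOURCE = "https://mcp.example/"   # resource identifier of the MCP server
DOWNSTREAM = "https://api.example/"     # downstream API the MCP server calls

def _sign(claims: dict) -> str:
    """Demo token: base64url(JSON claims) + '.' + HMAC-SHA256 (stands in for a JWT)."""
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode()).decode()
    mac = hmac.new(AS_KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}.{mac}"

def issue_token(subject, client_id, audience, scopes, actor=None, ttl=300):
    """Authorization server: issue a token bound to one audience (resource)."""
    claims = {"sub": subject, "client_id": client_id, "aud": audience,
              "scope": " ".join(scopes), "exp": int(time.time()) + ttl}
    if actor:
        claims["act"] = {"sub": actor}   # RFC 8693 actor claim: who acts for the subject
    return _sign(claims)

def verify_token(token, expected_aud):
    """Resource server check: signature, audience binding, expiry."""
    body, mac = token.rsplit(".", 1)
    expected = hmac.new(AS_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac, expected):
        raise PermissionError("bad signature")
    claims = json.loads(base64.urlsafe_b64decode(body))
    if claims["aud"] != expected_aud:
        raise PermissionError("token was not issued for this resource")
    if claims["exp"] < time.time():
        raise PermissionError("token expired")
    return claims

def token_exchange(subject_token, requested_aud):
    """Stand-in for the AS token-exchange endpoint (RFC 8693): same subject and
    scopes, new audience, and the MCP server recorded as the acting party."""
    claims = verify_token(subject_token, MCP_RESOURCE)
    return issue_token(claims["sub"], claims["client_id"], requested_aud,
                       claims["scope"].split(), actor=MCP_RESOURCE)

def mcp_handle_tool_call(bearer, tool):
    """MCP server: validate the client's token, gate admin tools on scope, then
    call downstream with an exchanged token rather than the client's own."""
    claims = verify_token(bearer, MCP_RESOURCE)
    if tool.startswith("admin:") and "admin" not in claims["scope"].split():
        raise PermissionError("admin tool requires the admin scope")
    downstream_token = token_exchange(bearer, DOWNSTREAM)
    return verify_token(downstream_token, DOWNSTREAM)  # what the downstream API sees

def is_accepted(token, tool=None, aud=MCP_RESOURCE) -> bool:
    """Helper: True if the token passes the given check without raising."""
    try:
        mcp_handle_tool_call(token, tool) if tool else verify_token(token, aud)
        return True
    except PermissionError:
        return False
```

Passing the client's token straight to the downstream API fails the audience check, which is the property the page's "no pass-through" rule relies on.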