Application connections
Application connections let users authorize external applications to act on their behalf in Serverless projects using OAuth 2.1.
During technical preview, only MCP clients for the Elastic Agent Builder MCP server are supported. For that use case, OAuth 2.1 replaces static API keys when you need multi-user, delegated access. OAuth tokens are accepted only by the MCP server endpoint.
The sections below describe tasks for registering MCP clients, connecting hosts, revoking access, and managing connections at the project or organization level.
Application connections are not the same as Kibana connectors or search connectors. Kibana connectors store credentials so Kibana can send actions to external systems. Search connectors sync data from third-party sources into Elasticsearch.
To choose between an application connection or API keys to authorize external applications for the Elastic Agent Builder MCP server, refer to MCP server authentication.
Use the following pages to set up and manage application connections for MCP clients:
- OAuth for MCP clients: Set up and manage OAuth access for MCP clients, including registering clients, connecting hosts, and revoking access at the project level.
- Manage application connections: Audit and revoke authorized connections across your organization's Serverless projects in the Elastic Cloud Console.