start_authentication
Initiate OAuth authentication for Kroger by generating a URL for user authorization. Users open the URL in their browser, authenticate, and provide the callback URL to complete the process.
Instructions
Start the OAuth authentication flow with Kroger.
This tool returns a URL that the user needs to open in their browser
to authenticate with Kroger. After authorization, the user will be
redirected to a callback URL that they need to copy and paste back.
Returns:
Dictionary with authorization URL and instructions
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
No arguments | |||
Implementation Reference
- src/kroger_mcp/tools/auth.py:28-87 (handler)The handler function decorated with @mcp.tool() that implements the core logic for starting the Kroger OAuth authentication flow using PKCE, generating an authorization URL and providing instructions.@mcp.tool() async def start_authentication(ctx: Context = None) -> Dict[str, Any]: """ Start the OAuth authentication flow with Kroger. This tool returns a URL that the user needs to open in their browser to authenticate with Kroger. After authorization, the user will be redirected to a callback URL that they need to copy and paste back. Returns: Dictionary with authorization URL and instructions """ global _pkce_params, _auth_state # Generate PKCE parameters _pkce_params = generate_pkce_parameters() # Generate a state parameter for CSRF protection _auth_state = _pkce_params.get('state', _pkce_params.get('code_verifier')[:16]) # Get client_id and redirect_uri from environment client_id = os.environ.get("KROGER_CLIENT_ID") redirect_uri = os.environ.get("KROGER_REDIRECT_URI", "http://localhost:8000/callback") if not client_id: if ctx: await ctx.error("Missing KROGER_CLIENT_ID environment variable") return { "error": True, "message": "Missing KROGER_CLIENT_ID environment variable. Please set up your Kroger API credentials." } # Initialize the Kroger API client kroger = KrogerAPI() # Scopes needed for Kroger API (cart.basic:write is needed for cart operations) scopes = "product.compact cart.basic:write" # Get the authorization URL with PKCE auth_url = kroger.authorization.get_authorization_url( scope=scopes, state=_auth_state, code_challenge=_pkce_params["code_challenge"], code_challenge_method=_pkce_params["code_challenge_method"] ) if ctx: await ctx.info(f"Generated auth URL with PKCE: {auth_url}") return { "auth_url": auth_url, "instructions": ( "1. Click this link to authorize: [🔗 Authorize Kroger Access]({auth_url})\n" " - Please present the authorization URL as a clickable markdown link\n" "2. Log in to your Kroger account and authorize the application\n" "3. After authorization, you'll be redirected to a callback URL\n" "4. Copy the FULL redirect URL from your browser's address bar\n" "5. Use the complete_authentication tool with that URL to complete the process" ).format(auth_url=auth_url) }
- src/kroger_mcp/server.py:78-78 (registration)The call to register the authentication tools (including start_authentication) with the main FastMCP server instance.auth_tools.register_tools(mcp)
- src/kroger_mcp/tools/auth.py:25-25 (registration)The function that defines and registers the authentication tools via @mcp.tool() decorators when called by the server.def register_auth_tools(mcp):