Skip to main content
Question

Allowlist internal AgentCore Gateway OAuth client for remote Figma MCP

  • July 7, 2026
  • 0 replies
  • 9 views

Carlos Hernandez

We're connecting Figma's official remote MCP server to AWS Bedrock AgentCore Gateway for an internal enterprise AI workflow used by our design and development teams.

We can discover the MCP/OAuth metadata correctly, but the connection is blocked at authorization. Our use case is not a public MCP client or IDE plugin. It's a secured internal gateway that already handles user authentication (<Auth0 / your IdP>) and routes to <Jira, GitHub, Figma, ...> tools. We use AgentCore Gateway specifically for security: it enforces fine-grained, per-tool access control over which MCP tools each user can invoke, centralizes outbound OAuth credential handling, and audits every tool call through a single controlled egress point. Connecting IDEs directly to Figma would bypass these controls, which our security policy doesn't allow.