Support AWS Bedrock AgentCore Gateway as an approved Figma MCP client

Question

We’re trying to connect Figma’s official remote MCP server to AWS Bedrock AgentCore Gateway for an internal enterprise AI workflow.

We can discover the MCP/OAuth metadata correctly, but dynamic client registration to https://api.figma.com/v1/oauth/mcp/register returns 403 Forbidden, and existing Figma PAT/service-token auth is rejected by https://mcp.figma.com/mcp because it requires the mcp:connect OAuth scope.

Our use case is not a public MCP client or IDE plugin. It is a secured internal gateway that already handles Auth0 user authentication and routes to Jira, GitHub, Lucid, and Figma tools. We would like to use the official Figma MCP instead of maintaining a REST-based workaround.

Is there a supported path for enterprise/internal AgentCore gateways to obtain an approved mcp:connect OAuth client, or to register an internal/private MCP client that is not listed publicly in the Figma MCP Catalog?

djv · Answer

Hi ​@Nitish Kumar Pilla, thanks for reaching out!I completely understand how this must be slowing down your workflow, butthis is a known limitation of how Figma's MCP OAuth system currently works.The `mcp:connect` OAuth scope is restricted to a pre-approved set of clients listed in the **Figma MCP Catalog**. Dynamic client registration at `https://api.figma.com/v1/oauth/mcp/register` will return a 403 for any client not on that list, and PATs/service tokens are not accepted by the MCP server as an alternative.OAuth with `mcp:connect` is the only supported auth path.If you want to connect a private or internal gateway (like your AgentCore setup), the current path forward is to apply to the Figma MCP Catalog Waitlistfor manual vetting. There's no self-serve registration for private/internal clients at this time.Hope thishelps clarify things, and good luck with the waitlist, if decide to go that route!

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded