2 min read
Definition
Credicorp publishes two: /.well-known/oauth-authorization-server (RFC 8414) describes the token endpoint, JWKS URI and supported grants; /.well-known/oauth-protected-resource tells a client which authorization server guards a resource — used by MCP clients.
In plain terms
A standard file that lets OAuth clients wire themselves up automatically.
Why it matters here
Point your library at the base URL and it reads these. See the authorization-server and protected-resource docs.
Related reading

Client-credentials grant
The client-credentials grant is the OAuth 2.0 machine-to-machine flow: a server exchanges a client ID and…
Read →
JWKS (JSON Web Key Set)
A JWKS is the published set of public keys that sign partner access tokens. Fetch it, cache by key ID, and…
Read →
Token introspection
Token introspection asks the authorization server whether a token is active and returns its scopes and…
Read →Funding for UK limited companies
Credicorp lends to your company, not to you personally — short-term working capital with no personal guarantee. See what your business could access.