Function: checkScopes()
checkScopes(
required):void
Defined in: index.ts:183
Asserts that the current request's token contains all required scopes. Throws if any scope is missing — the MCP SDK catches this and returns a tool error to the client. Use inside tool handlers for per-tool authorization.
Cognito tokens carry scopes as a space-separated string in payload.scope.
Parameters
| Parameter | Type |
|---|---|
required | string[] |
Returns
void
Example
server.tool('delete-user', schema, async (args) => {
checkScopes(['admin', 'write:users']);
// proceed only if caller has both scopes
});