Yeah, I think that’s broadly right.

MCP has plenty of problems, but standardising on OAuth was one of the better calls. Expiry, scopes, rotation, delegated access, all much better than the usual CLI pattern of long-lived API keys. The CLI story there is still pretty rough.

And once the policy model is host/path matching, GraphQL and JSON-RPC become awkward immediately unless the proxy starts understanding payload semantics.