{"slug": "i-connected-oracle-s-managed-mcp-server-to-ai-chat-clients-here-s-what-actually", "title": "I Connected Oracle's Managed MCP Server to AI Chat Clients - Here's What Actually Worked", "summary": "Oracle's managed MCP server for database queries works with desktop AI clients like Claude Desktop and VS Code Cline, but fails with server-hosted web UIs due to OAuth discovery issues. A developer successfully connected it for read-only health checks on Oracle E-Business Suite by using a private endpoint, a read-only database user, and static OAuth metadata with desktop clients.", "body_md": "AI assistants are getting good at *doing* things, not just talking — largely thanks to **MCP (Model Context Protocol)**, the open standard that lets an AI client call external tools. Oracle recently shipped a **managed MCP server** in OCI (Database Tools MCP Server) that lets an AI client run queries against an Oracle database, with OAuth and role-based access built in.\n\nI wanted to use it for something practical: **read-only health checks for an Oracle E‑Business Suite database on 19c, surfaced inside an AI chat** — *\"Is the database up? Any blocking sessions? Which concurrent managers are down?\"*\n\nIt worked in the end — an AI assistant pulling **live, read-only** database health data. But getting there taught me a lot about how managed MCP + OAuth actually behaves. Here's the honest journey.\n\nThe MCP service is *managed* — it runs in Oracle's tenancy, not your network. So it can't reach a private database by itself. You attach a **Private Endpoint** to give it a foothold inside your VCN. Keeping things private is exactly *why* you need the endpoint, not a reason to skip it.\n\nI pointed the connection at a **read-only database user**. Even though the toolset can run general SQL, the account simply *can't write*. That one decision beats any amount of \"please be careful\" prompting.\n\nEvery OCI MCP server URL has an API-version segment like `/20250830/`\n\n. I reused a URL from an earlier server with a *different* date. Result: **HTTP 404 on every call**, no matter how perfect my auth was. Lesson: **copy the exact Server URL from the console**, version date included. The 404 looked like an auth problem for ages — it wasn't.\n\nThe big one. Many clients' MCP OAuth is **discovery-driven**: hit the server, expect a **401** with OAuth metadata, use it to launch the login. Oracle's server returns **404** to unauthenticated requests — so a self-hosted web chat UI (I tried LibreChat) **never builds the login URL** and can't start the flow, even when everything is configured correctly.\n\nTwo things compound it for server-hosted web UIs:\n\nSo server-hosted chat UIs aren't a good fit for this server today.\n\nI tried a **client-credentials** token (app identity) to skip the browser. It authenticated (HTTP 200!) but every tool call returned `Missing required permissions`\n\n. The access role is a **user** role — and client-credentials tokens carry **scopes, not roles**. The fix was an **authorization_code (user) token**: the *user* has the role, so their token is authorized.\n\nDesktop AI clients have a **browser** for the login and happily do the user OAuth flow. Using `mcp-remote`\n\nwith **static OAuth metadata** (so it doesn't depend on the 404 discovery), I connected from **Claude Desktop** and **VS Code + Cline**:\n\n```\n{\n  \"mcpServers\": {\n    \"db_diag\": {\n      \"command\": \"npx.cmd\",\n      \"args\": [\n        \"-y\", \"mcp-remote\",\n        \"<exact Server URL with the correct /YYYYMMDD/>\",\n        \"3334\",\n        \"--static-oauth-client-info\", \"{\\\"client_id\\\":\\\"<public client id>\\\"}\",\n        \"--static-oauth-server-metadata\", \"{\\\"issuer\\\":\\\"...\\\",\\\"authorization_endpoint\\\":\\\".../authorize\\\",\\\"token_endpoint\\\":\\\".../token\\\"}\"\n      ]\n    }\n  }\n}\n```\n\nA browser opened, I logged in as a user with the right role, and the tools appeared. Asking *\"give me the instance overview\"* returned live data — instance name, version, open mode, uptime — all read-only.\n\n`npx`\n\nand fail with `ENOENT`\n\n— use `npx.cmd`\n\n`EADDRINUSE`\n\n) — give each its own port and register both redirects.`TO_CHAR(date,'HH24:MI:SS')`\n\n`gv$`\n\n`v$`\n\n) to see all RAC instances.If you're wiring an AI client to Oracle's managed MCP server, I hope this saves you a few hours. Questions welcome in the comments. 👇", "url": "https://wpnews.pro/news/i-connected-oracle-s-managed-mcp-server-to-ai-chat-clients-here-s-what-actually", "canonical_source": "https://dev.to/rkondoju/i-connected-oracles-managed-mcp-server-to-ai-chat-clients-heres-what-actually-worked-265", "published_at": "2026-06-17 04:48:47+00:00", "updated_at": "2026-06-17 05:21:48.220458+00:00", "lang": "en", "topics": ["ai-tools", "developer-tools", "large-language-models", "ai-agents"], "entities": ["Oracle", "OCI", "Claude Desktop", "VS Code", "Cline", "LibreChat", "MCP", "Oracle E-Business Suite"], "alternates": {"html": "https://wpnews.pro/news/i-connected-oracle-s-managed-mcp-server-to-ai-chat-clients-here-s-what-actually", "markdown": "https://wpnews.pro/news/i-connected-oracle-s-managed-mcp-server-to-ai-chat-clients-here-s-what-actually.md", "text": "https://wpnews.pro/news/i-connected-oracle-s-managed-mcp-server-to-ai-chat-clients-here-s-what-actually.txt", "jsonld": "https://wpnews.pro/news/i-connected-oracle-s-managed-mcp-server-to-ai-chat-clients-here-s-what-actually.jsonld"}}