Support for RFC 8628 OAuth 2.0 Device Authorization Grant #2774
Closed
leontastic started this conversation in Ideas - General
The MCP specification establishes the baseline, but does not restrict other auth methods - it will be client dependent. Code authorization grants are inherently phishable, so there is no good reason at this time for us to recommend it in the spec. For other entities, WIF and other server-to-server interactions should be used, which are both more secure and provide more robust protections against easy-to-make auth mistakes.
The MCP authorization spec mandates OAuth 2.1 Authorization Code + PKCE with a loopback browser redirect, which excludes any agent that has no local browser: Claude Code in containers, CI runners, SSH sessions, chat-bridged agents where the human and the agent live on different machines.
RFC 8628 (OAuth 2.0 Device Authorization Grant) is OAuth's standard answer for exactly this case. The agent prints a short user code and verification URL, the user approves from any device with a browser, the agent polls for the token. Claude Desktop and Cursor already implement device flow as a vendor extension by sniffing device_authorization_endpoint and urn:ietf:params:oauth:grant-type:device_code from the authorization server metadata, but every implementation is reinventing the contract because the spec doesn't recognize the grant.

The MCP spec should be updated to include RFC 8628 in MCP's recommended grants alongside Authorization Code + PKCE, define the discovery and triggering conventions, and let clients implement it once and consistently. This is distinct from SEP-1933 (Workload Identity Federation), which addresses "agent acts as itself" via platform-issued JWTs. Device flow addresses "agent acts on behalf of a user who isn't co-located with the agent."
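The discovery-then-poll contract the post describes, as an added worked example that is not part of the discussion, the MCP spec, or any client mentioned above. It checks the authorization server metadata for device_authorization_endpoint and the device_code grant type, requests a device code, shows the user code and verification URL, and polls the token endpoint honouring the RFC 8628 interval, slow_down, and expiry rules. The authorization server is a constructed in-process stand-in; the endpoint URLs, client id, scope, and all codes are made up.

```python
"""Minimal RFC 8628 device-flow client (added example, not project code).

The HTTP layer is injected as a `post(url, form) -> dict` callable so the
flow can run offline against the constructed FakeAuthServer below.
"""
import time
from typing import Any, Callable, Dict

DEVICE_GRANT = "urn:ietf:params:oauth:grant-type:device_code"


def supports_device_flow(metadata: Dict[str, Any]) -> bool:
    """Discovery check: RFC 8414 metadata must advertise the device
    authorization endpoint and list the device_code grant type."""
    return ("device_authorization_endpoint" in metadata
            and DEVICE_GRANT in metadata.get("grant_types_supported", []))


def run_device_flow(metadata: Dict[str, Any], client_id: str, scope: str,
                    post: Callable[[str, Dict[str, str]], Dict[str, Any]],
                    sleep: Callable[[float], None] = time.sleep,
                    display: Callable[[str], None] = print) -> Dict[str, Any]:
    """Run the grant end to end and return the token response."""
    if not supports_device_flow(metadata):
        raise ValueError("authorization server does not advertise RFC 8628")

    # Step 1 (RFC 8628 3.1): device authorization request.
    auth = post(metadata["device_authorization_endpoint"],
                {"client_id": client_id, "scope": scope})

    # Step 2 (3.3): tell the human where to go; they approve on any browser.
    display(f"Open {auth['verification_uri']} and enter code {auth['user_code']}")

    # Step 3 (3.4/3.5): poll the token endpoint, never faster than `interval`.
    interval = float(auth.get("interval", 5))   # default per RFC is 5 s
    elapsed = 0.0
    while True:
        resp = post(metadata["token_endpoint"],
                    {"grant_type": DEVICE_GRANT,
                     "device_code": auth["device_code"],
                     "client_id": client_id})
        if "access_token" in resp:
            return resp
        err = resp.get("error")
        if err == "slow_down":
            interval += 5            # RFC 8628 3.5: back off by 5 seconds
        elif err != "authorization_pending":
            # expired_token, access_denied, invalid_grant, ...: stop polling.
            raise PermissionError(f"device flow failed: {err}")
        sleep(interval)
        elapsed += interval
        if elapsed >= auth["expires_in"]:
            raise TimeoutError("device code expired before the user approved")


class FakeAuthServer:
    """Constructed stand-in for the authorization server (no network)."""
    METADATA = {
        "issuer": "https://as.example",                       # constructed
        "token_endpoint": "https://as.example/token",
        "device_authorization_endpoint": "https://as.example/device",
        "grant_types_supported": ["authorization_code", DEVICE_GRANT],
    }

    def __init__(self, approve_after_polls: int = 2, slow_down_on_poll: int = 1):
        self.polls = 0
        self.approve_after = approve_after_polls
        self.slow_down_on = slow_down_on_poll

    def post(self, url: str, form: Dict[str, str]) -> Dict[str, Any]:
        if url == self.METADATA["device_authorization_endpoint"]:
            return {"device_code": "dc-constructed", "user_code": "WDJB-MJHT",
                    "verification_uri": "https://as.example/device",
                    "expires_in": 600, "interval": 5}
        assert url == self.METADATA["token_endpoint"]
        assert form["grant_type"] == DEVICE_GRANT
        assert form["device_code"] == "dc-constructed"
        self.polls += 1
        if self.polls == self.slow_down_on:
            return {"error": "slow_down"}          # client must widen interval
        if self.polls <= self.approve_after:
            return {"error": "authorization_pending"}
        return {"access_token": "at-constructed", "token_type": "Bearer",
                "expires_in": 3600}


if __name__ == "__main__":
    srv = FakeAuthServer()
    token = run_device_flow(FakeAuthServer.METADATA, "mcp-client", "mcp:tools",
                            srv.post, sleep=lambda s: None)
    print(f"polls={srv.polls} token={token['access_token']}")
```

The client treats only authorization_pending and slow_down as "keep going"; every other error ends the flow, and the expires_in budget is enforced client-side so a headless agent cannot poll forever if the user never approves.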