View a markdown version of this page

AWSMCPSignInOAuthAccessPolicy - AWS Managed Policy

AWSMCPSignInOAuthAccessPolicy

Description: Provides access to authenticate to the AWS MCP server using AWS Sign-In OAuth

AWSMCPSignInOAuthAccessPolicy is an AWS managed policy.

Using this policy

You can attach AWSMCPSignInOAuthAccessPolicy to your users, groups, and roles.

Policy details

  • Type: AWS managed policy

  • Creation time: July 09, 2026, 06:57 UTC

  • Edited time: July 09, 2026, 06:57 UTC

  • ARN: arn:aws:iam::aws:policy/AWSMCPSignInOAuthAccessPolicy

Policy version

Policy version: v1 (default)

The policy's default version is the version that defines the permissions for the policy. When a user or role with the policy makes a request to access an AWS resource, AWS checks the default version of the policy to determine whether to allow the request.

JSON policy document

{ "Version" : "2012-10-17", "Statement" : [ { "Sid" : "AllowOAuthForAWSMCP", "Effect" : "Allow", "Action" : [ "signin:AuthorizeOAuth2Access", "signin:CreateOAuth2Token" ], "Resource" : "arn:aws:signin:*:*:service-principal/aws-mcp.amazonaws.com" } ] }

Learn more