AWS Security ChangesHomeSearch

AWS marketplace documentation change

Service: marketplace · 2025-10-22 · Documentation medium

File: marketplace/latest/userguide/bedrock-agentcore-gateway.md

Summary

Added documentation for MCP server integration requirements and authentication options

Security assessment

Introduces documentation about OAuth authentication requirements for MCP server integrations. While this adds security-related documentation about authentication methods, there is no evidence of addressing a specific security vulnerability.

Diff

diff --git a/marketplace/latest/userguide/bedrock-agentcore-gateway.md b/marketplace/latest/userguide/bedrock-agentcore-gateway.md
index 638ab6ce2..cb020cc77 100644
--- a//marketplace/latest/userguide/bedrock-agentcore-gateway.md
+++ b//marketplace/latest/userguide/bedrock-agentcore-gateway.md
@@ -48 +48,12 @@ For more information, see [Amazon Bedrock AgentCore Developer Guide](https://doc
-To enable Amazon Bedrock AgentCore Gateway integration for your SaaS API-based AI agent products, provide an OpenAPI specification.
+You can enable Amazon Bedrock AgentCore Gateway integration for your SaaS API-based AI agent products in one of the following ways, depending on your product: 
+
+  * if you list an MCP server with OAuth authentication, you can opt-in to offer your buyers the integration with no additional requirements. The MCP server endpoint you provide as part of your listing process will be used for the integration. However, you must ensure your MCP server meets the requirements listed below.
+
+  * For all other products, you can provide an OpenAPI specification to enable the integration.
+
+
+
+
+### MCP server requirements
+
+Your MCP server must meet the following requirements: