AWS Security ChangesHomeSearch

AWS marketplace documentation change

Service: marketplace · 2026-01-16 · Documentation low

File: marketplace/latest/userguide/listing-saas-ai-agents.md

Summary

Updated requirement for MCP server integration to specify two-legged OAuth authentication and fixed documentation link.

Security assessment

Change refines authentication requirements but doesn't indicate any security vulnerability fix. The update enhances documentation accuracy without addressing specific security issues.

Diff

diff --git a/marketplace/latest/userguide/listing-saas-ai-agents.md b/marketplace/latest/userguide/listing-saas-ai-agents.md
index 80955500b..ce299bd26 100644
--- a//marketplace/latest/userguide/listing-saas-ai-agents.md
+++ b//marketplace/latest/userguide/listing-saas-ai-agents.md
@@ -169 +169 @@ You cannot change the fulfillment method after you publish the product.
-     * If you list an MCP server with OAuth authentication, you can enable integration with Amazon Bedrock AgentCore Gateway using your MCP server endpoint as the target. For more information, see [MCP servers targets](https://docs.aws.amazon.com/ bedrock-agentcore/latest/devguide/gateway-target-MCPservers.html). In this case, OpenAPI spec is not required.
+     * If you list an MCP server that supports two-legged OAuth authentication, you can enable integration with Amazon Bedrock AgentCore Gateway using your MCP server endpoint as the target. For more information, see [MCP server targets](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/gateway-target-MCPservers.html). In this case, OpenAPI spec is not required.