update readme and block single user mode + oauth to avoid user confusion

2026-01-27 19:32:45 -05:00
parent 2463778deb
commit 53109b9a50
2 changed files with 17 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -515,6 +515,7 @@ uv run main.py \
  --single-user
 ```
 <sub>Simplified authentication</sub>
+<sub>⚠️ Cannot be used with OAuth 2.1 mode</sub>

 </td>
 </tr>
@@ -1003,6 +1004,14 @@ The server includes OAuth 2.1 support for bearer token authentication, enabling
 - Production environments requiring secure session management
 - Browser-based clients requiring CORS support

+**⚠️ Important: OAuth 2.1 and Single-User Mode are mutually exclusive**
+
+OAuth 2.1 mode (`MCP_ENABLE_OAUTH21=true`) cannot be used together with the `--single-user` flag:
+- **Single-user mode**: For legacy clients that pass user emails in tool calls
+- **OAuth 2.1 mode**: For modern multi-user scenarios with bearer token authentication
+
+Choose one authentication method - using both will result in a startup error.
+
 **Enabling OAuth 2.1:**
 To enable OAuth 2.1, set the `MCP_ENABLE_OAUTH21` environment variable to `true`.