Glossary

Term Definition

Term	Definition
Access token	A short-lived credential that the client sends with every request to the MCP server. The MCP server issues access tokens with a one-hour lifetime.
ACL (Access Control List) role	An access control role assigned to a user account. The MCP server checks ACL roles on every tool call.
Adaptive entity	A configurable data structure used by the Adaptive Designer in Neptune DXP - Open Edition.
Cockpit	The web-based administrative interface of Neptune DXP - Open Edition.
Dynamic client registration	The OAuth 2.1 mechanism by which an MCP client registers itself with the MCP server before requesting authorization. Defined in RFC 7591.
MCP (Model Context Protocol)	An open protocol for AI assistants to interact with external tools. See modelcontextprotocol.io.
MCP client	A program that connects to the MCP server. Examples include Claude Code, Claude Desktop, Cursor, and Windsurf.
OAuth 2.1	The authorization framework used by the MCP server. Includes PKCE, resource indicators, and refresh-token rotation. See oauth.net/2.1.
Package	A grouping of Neptune DXP - Open Edition artifacts (applications, web apps, scripts, adaptive entities, tables, APIs) used to drive access control.
PKCE (Proof Key for Code Exchange)	An OAuth extension that protects the authorization code from interception.
Refresh token	A longer-lived credential that the client uses to obtain a new access token without prompting the user to sign in again. The MCP server issues refresh tokens with a seven-day lifetime and rotates them on every use.
Resource indicator	The OAuth parameter (`resource`) that binds an access token to a specific resource server URL. Defined in RFC 8707.
Scope	A label that identifies the access requested by an OAuth client. The MCP server requires the `mcp:tools` scope on every request.
Streamable HTTP	The MCP transport used by the MCP server. Each request is stateless and self-contained.

Access token

A short-lived credential that the client sends with every request to the MCP server. The MCP server issues access tokens with a one-hour lifetime.

ACL (Access Control List) role

An access control role assigned to a user account. The MCP server checks ACL roles on every tool call.

Adaptive entity

A configurable data structure used by the Adaptive Designer in Neptune DXP - Open Edition.

Cockpit

The web-based administrative interface of Neptune DXP - Open Edition.

Dynamic client registration

The OAuth 2.1 mechanism by which an MCP client registers itself with the MCP server before requesting authorization. Defined in RFC 7591.

MCP (Model Context Protocol)

An open protocol for AI assistants to interact with external tools. See modelcontextprotocol.io.

MCP client

A program that connects to the MCP server. Examples include Claude Code, Claude Desktop, Cursor, and Windsurf.

OAuth 2.1

The authorization framework used by the MCP server. Includes PKCE, resource indicators, and refresh-token rotation. See oauth.net/2.1.

Package

A grouping of Neptune DXP - Open Edition artifacts (applications, web apps, scripts, adaptive entities, tables, APIs) used to drive access control.

PKCE (Proof Key for Code Exchange)

An OAuth extension that protects the authorization code from interception.

Refresh token

A longer-lived credential that the client uses to obtain a new access token without prompting the user to sign in again. The MCP server issues refresh tokens with a seven-day lifetime and rotates them on every use.

Resource indicator

The OAuth parameter (resource) that binds an access token to a specific resource server URL. Defined in RFC 8707.

Scope

A label that identifies the access requested by an OAuth client. The MCP server requires the mcp:tools scope on every request.

Streamable HTTP

The MCP transport used by the MCP server. Each request is stateless and self-contained.

Glossary

Related topics