# Auth.md — Frans Construction

This file describes how AI agents can register and authenticate with
the Frans Construction public website.

## Resource

- Resource identifier: https://fransconstruction.com
- Protected resource metadata: https://fransconstruction.com/.well-known/oauth-protected-resource
- OAuth authorization server metadata: https://fransconstruction.com/.well-known/oauth-authorization-server
- OpenID Connect discovery: https://fransconstruction.com/.well-known/openid-configuration

## Authorization server

- Issuer: https://mkpsievihtlvmdwdkecg.supabase.co/auth/v1
- Authorization endpoint: https://mkpsievihtlvmdwdkecg.supabase.co/auth/v1/authorize
- Token endpoint: https://mkpsievihtlvmdwdkecg.supabase.co/auth/v1/token
- JWKS URI: https://mkpsievihtlvmdwdkecg.supabase.co/auth/v1/.well-known/jwks.json
- Supported grant types: authorization_code, refresh_token
- Supported scopes: openid, email, profile
- Token type: Bearer (Authorization header)

## Agent registration

Agents that want a long-lived integration should request access via the
contact form rather than self-registering:

- Register URI: https://fransconstruction.com/contact
- Identity types supported: human, agent
- Credential types supported: oauth2_bearer
- Claim / revocation: contact ryan@fransconstruction.com

## Public tools

Public actions (no auth required) are also exposed as WebMCP tools when
agents visit pages on https://fransconstruction.com, and are described in the MCP Server Card
at https://fransconstruction.com/.well-known/mcp/server-card.json.