GPT Apps SDK API protection

Hi,

I know OAuth 2.1 with PKCE is supported by OpenAI; however, this is intended for authenticating and trusting communication with users through a self-registering client flow, which is not intended to protect the API against unauthorized use.

In my case, I want to be able to protect our API, so that only GPT can access it (nothing to do with user authentication).

I’ve found the chatgpt-actions.json, which is supposed to contain the CIDRs from OpenAI and possibly could be used by a firewall, but I already realised in my tests that OpenAI uses other IPs not present in this list, and from other entries in this forum, I also realised it’s not a reliable source.

So in general, I believe there’s currently no way to secure the MCP server if we want it to be used by OpenAI. Am I correct? I guess it goes without saying that this is not good for enterprise production systems 🙂

Anyone else facing the same challenge? Does anyone know about any plans to make this ecosystem reliable and secure?

Thank you!
