Fix: Undocumented Parameters Hardening

[wdaimee]

Summary

This PR resolves the security ticket SEC-30819.

Previously, the auth0_create_application and auth0_update_application tool handlers forwarded several parameters to the Auth0 Management API that were not declared in the tools' inputSchema. Since MCP clients only surface schema-declared parameters for human approval, undeclared parameters could bypass human-in-the-loop review. This PR closes that gap by removing high-risk parameters, declaring the remaining ones, and adding a server-side allowlist.

Changes

• Removed high-risk parameters from auth0_create_application and auth0_update_application so they can no longer be forwarded to the Auth0 Management API through these tools: custom_login_page, custom_login_page_on, custom_login_page_preview, addons, encryption_key, client_authentication_methods, require_proof_of_possession, require_pushed_authorization_requests, signed_request_object, compliance_level, form_template, client_metadata, and initiate_login_uri.

• Declared lower-risk parameters in inputSchema so they remain usable but are now surfaced for human approval: web_origins, client_aliases, cross_origin_loc, oidc_logout, sso, and native_social_login. Also added grant_types, jwt_configuration, mobile, and refresh_token to auth0_create_application (already present on update) so both tools expose a consistent set of parameters.

• Added a server-side allowlist in src/server.ts that rejects any argument not declared in the invoked tool's inputSchema.properties before it reaches the handler, returning Rejected undeclared parameters: <keys>. Tools that declare no schema properties skip the check.

• Declared the client parameter on auth0_create_resource_server and auth0_update_resource_server. The handlers already consumed it but the schema omitted it, so the new allowlist would otherwise reject it.

• Added tests:

  • test/server.test.ts — covers the allowlist: rejecting undeclared params, allowing fully-declared params, and skipping enforcement when no schema properties are declared.
  • test/tools/tool-parameter-schema.test.ts — enforces the inputSchema contract across every tool, failing if any handler reads a parameter not declared in its schema.

References

https://auth0team.atlassian.net/browse/SEC-30819
https://auth0team.atlassian.net/browse/PSREV-2877

Testing

1. Created an application with the newly added parameters to the inputSchema: sso, web_origins

2. Called the update application tool to add another web_origin and set a grant_type:

3. Called the update application tool again to set parameters that don't exist on the inputSchema:

4. Asked the LLM to list the parameters that the Auth0 create application tool takes:

Steps to test this branch:

• Run npm run build and npm test — all new and existing tests should pass.
• Call auth0_create_application with a removed field (e.g. custom_login_page): confirm it is rejected as an undeclared parameter and not forwarded to Auth0.
• Call auth0_create_application / auth0_update_application with a newly declared field (e.g. web_origins or sso): confirm it is surfaced in the client's approval prompt and applied on approval.
• Confirm a fully-declared, approved request (e.g. name + app_type + web_origins) still creates/updates the application successfully.

All Unit tests pass

All tools work when given the parameters defined in their respective inputSchema

• This change adds unit test coverage
• This change adds integration test coverage

Checklist

• I have read the Auth0 general contribution guidelines
• I have read the Auth0 Code of Conduct
• All existing and new tests complete without errors