When an application integrates a Model Context Protocol (MCP) server with Auth0, sending the resource parameter instead of the audience parameter to the /authorize endpoint causes Auth0 to fall back to the userinfo audience. This fallback generates an error because Auth0 restricts third-party clients from using the userinfo audience. Enable the Resource parameter compatibility profile in the Auth0 Dashboard to allow the resource parameter to function as the audience.

The userinfo audience is not allowed for third party clients. Please specify a valid API audience.

• Auth0
• Model Context Protocol (MCP) Server Integration
• Dynamic Client Registration
• OAuth 2.0 Authorization

The client sends the resource parameter instead of the audience parameter to the /authorize endpoint per RFC 8707. Auth0 falls back to the userinfo audience, which Auth0 restricts for third-party clients that register via Dynamic Client Registration.

How is the userinfo audience error resolved?

Navigate to the Auth0 Dashboard, open the tenant settings, and enable the Resource Parameter Compatibility Profile toggle under the advanced settings tab.

1. Go to the Auth0 Dashboard.
2. Select Settings.
3. Choose the Advanced tab.
4. Scroll to the Settings section.
5. Enable the Resource Parameter Compatibility Profile toggle.

Please check the following documentation for additional details: Resource Parameter Compatibility Profile.