OAuth and Tunnel Alternatives

Best fit for ChatGPT Custom Connectors that dynamically register clients. Supports discovery, PKCE, token exchange, and unlink-based revocation.

Uses a client ID metadata document instead of dynamic client registration state. Good when the connector supports stable metadata documents.

Simpler, but harder to rotate and often unsupported by hosted connector UIs unless they expose API-key headers.

Only acceptable for loopback-only experiments. Never use it on a public tunnel.

Useful for REST APIs that do not need MCP tools. It is a different product surface from a remote MCP server.

Tunnel options

Fastest setup with account-owned development domains or custom domains. Good for prototypes and small teams.

Good for custom domains and long-running services. `cloudflared` makes outbound connections and can pair with Access.

Private-by-default path when available to your OpenAI workspace. In ChatGPT, choose Tunnel instead of a public server URL.