diff --git a/mcp_bridge/mcp_server.py b/mcp_bridge/mcp_server.py
index 3ba13d4..e50382d 100644
--- a/mcp_bridge/mcp_server.py
+++ b/mcp_bridge/mcp_server.py
@@ -8,9 +8,11 @@ from fastmcp import FastMCP
 import secrets
 import time
 import hashlib
+from urllib.parse import urlencode
 
 from fastmcp.server.auth import OAuthProvider, AccessToken
 from fastmcp.server.auth.auth import ClientRegistrationOptions
+from mcp.server.auth.provider import AuthorizationParams
 from mcp.shared.auth import OAuthClientInformationFull, OAuthToken
 from starlette.requests import Request
 from starlette.responses import JSONResponse
@@ -44,6 +46,18 @@ class HomelabOAuth(OAuthProvider):
     async def get_client(self, client_id: str) -> OAuthClientInformationFull | None:
         return self._clients.get(client_id)
 
+    async def authorize(self, client: OAuthClientInformationFull, params: AuthorizationParams) -> str:
+        """Auto-approve and redirect back with auth code (single-user setup)."""
+        code = await self.create_authorization_code(
+            client, params.code_challenge, str(params.redirect_uri), params.scopes,
+        )
+        redirect_params = {"code": code}
+        if params.state:
+            redirect_params["state"] = params.state
+        redirect_uri = str(params.redirect_uri)
+        separator = "&" if "?" in redirect_uri else "?"
+        return f"{redirect_uri}{separator}{urlencode(redirect_params)}"
+
     async def create_authorization_code(
         self, client: OAuthClientInformationFull, code_challenge: str | None,
         redirect_uri: str | None, scopes: list[str] | None = None,