MCP spec (RFC 9728) says the client should look up /.well-known/oauth-protected-resource relative to the resource URL, but Windsurf strips any prefix and loads it from the root path.