Описание
Civic Auth integration for MCP servers
README
CI npm version License: MIT codecov
🔐 Authentication for Model Context Protocol - Monorepo
This repository contains the Civic Auth MCP library and examples for adding secure authentication to MCP servers and clients.
📦 Packages
🚀 Quick Start
# Install the library
pnpm add @civic/auth-mcp @modelcontextprotocol/sdk
# Run examples
pnpm install
pnpm build
pnpm --filter example-server start
🛠️ Development
# Install dependencies
pnpm install
# Build all packages
pnpm build
# Run tests
pnpm test
# Run linting
pnpm lint
🔒 Security Auditing
This project uses audit-ci for dependency vulnerability scanning in CI/CD. To manage security vulnerabilities:
- Configuration: Edit
audit-ci.jsoncto add vulnerabilities to the allowlist - Run audit:
pnpm run audit:ci(fails on moderate+ vulnerabilities not in allowlist) - CI/CD: Security audit runs automatically on all PRs and pushes to main
To allowlist a vulnerability, add its identifier to audit-ci.jsonc:
{
"allowlist": [
"GHSA-xxxx-xxxx-xxxx", // GitHub Security Advisory
"CVE-2024-xxxxx", // CVE identifier
"1234567" // NPM advisory ID
]
}
📚 Documentation
Full documentation and usage examples are available in the library/ package.
🚨 Legacy OAuth Mode
For backward compatibility, the auth() middleware automatically includes legacy OAuth endpoints that allow MCP servers to act as OAuth servers. This mode is enabled by default but is deprecated.
The following endpoints are automatically exposed:
/.well-known/oauth-authorization-server- OAuth server metadata/authorize- Authorization endpoint (proxies to Civic Auth)/token- Token endpoint (proxies to Civic Auth)/register- Registration endpoint (if supported)
To disable legacy mode:
app.use(await auth({
enableLegacyOAuth: false // Disable legacy OAuth endpoints
}));
📄 License
It is provided as-is, without warranty of any kind, express or implied. Civic makes no guarantees of fitness for a particular purpose or ongoing support. Use of this library is governed solely by the terms of the MIT License.
By using this software, you agree that Civic shall not be held liable for any damages arising from its use, performance, or integration.
Note: The @civic/auth-mcp library is released as an open-source project under the MIT License.
It is provided without warranty or support guarantees.
Установить Auth Mcp в Claude Desktop, Claude Code, Cursor
unyly install auth-mcpСтавит в Claude Desktop, Claude Code, Cursor и VS Code — сам разбирается с npx, uvx и сборкой из исходников.
Впервые? Поставь CLI: curl -fsSL https://unyly.org/install | sh
Или настроить вручную
Выполни в терминале:
claude mcp add auth-mcp -- npx -y @civic/auth-mcpFAQ
Auth Mcp MCP бесплатный?
Да, Auth Mcp MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для Auth Mcp?
Нет, Auth Mcp работает без API-ключей и переменных окружения.
Auth Mcp — hosted или self-hosted?
Self-hosted: сервер запускается локально на твоей машине командой из раздела установки.
Как установить Auth Mcp в Claude Desktop, Claude Code или Cursor?
Открой Auth Mcp на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
GitHub
PRs, issues, code search, CI status
автор: GitHubFilesystem
Secure file operations with configurable access controls.
Memory
Knowledge graph-based persistent memory system.
Template MCP Server
A CLI tool to create a new Model Context Protocol server project with TypeScript support, dual transport options, and an extensible structure
автор: mcpdotdirectCompare Auth Mcp with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории development
