Command Palette

Search for a command to run...

UnylyUnyly
Весь каталог

Mcpauth

БесплатноНе проверен

Drop-in OAuth 2.1 + Dynamic Client Registration for MCP servers, providing authentication middleware and token verification.

GitHubEmbed

Описание

Drop-in OAuth 2.1 + Dynamic Client Registration for MCP servers, providing authentication middleware and token verification.

README

npm version npm downloads license

Drop-in OAuth 2.1 + Dynamic Client Registration (RFC 7591) for MCP servers, backed by mcpauth.

Wraps the official @modelcontextprotocol/sdk's requireBearerAuth middleware so unauthenticated or invalid requests get rejected with a spec-correct 401 before they ever reach your MCP server's handlers.

Install

npm install getmcpauth

Usage

import express from "express";
import { mcpAuth } from "getmcpauth";

const app = express();

app.use(
  "/mcp",
  mcpAuth({ registrationSecret: process.env.MCPAUTH_SECRET })
);

// Unauthenticated or invalid requests never reach this handler.
app.post("/mcp", handleMcpRequest);

Get a registrationSecret by creating a project at getmcpauth.dev/dashboard — it's your MCP server's credential for both Dynamic Client Registration and token verification.

MCP clients (Claude, ChatGPT, custom agent frameworks) then discover your auth setup automatically via /.well-known/oauth-authorization-server — no manual client configuration needed.

Next.js (or any Fetch-API framework)

// app/api/mcp/route.ts
import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
import { createMcpAuthHandler } from "getmcpauth";

const handler = createMcpAuthHandler({
  registrationSecret: process.env.MCPAUTH_SECRET!,
  buildServer: () => {
    const server = new McpServer({ name: "my-server", version: "1.0.0" });
    server.registerTool(/* ... */);
    return server;
  },
});

export { handler as GET, handler as POST, handler as DELETE };

API

  • mcpAuth(options) — Express middleware. Successful token verifications are cached in-process (default 30s) so a chatty agent conversation doesn't trigger a network round trip on every tool call.
  • createMcpAuthHandler(options) — the Next.js/Fetch-API equivalent above, returning a (request: Request) => Promise<Response> handler. Same caching behavior as mcpAuth().
  • McpAuthTokenVerifier — implements the official SDK's OAuthTokenVerifier interface directly, for lower-level use.
  • mintToken(options) — for MCP servers embedded in a product that already has its own users: your backend, which already knows who its logged-in user is, mints a token server-to-server without routing that user through mcpauth's own login.
  • protectedResourceMetadata(options) / mcpAuthResourceMetadataHandler(options) — RFC 9728 resource-metadata helpers.

Full docs: getmcpauth.dev/docs

License

MIT

from github.com/yilmazali325/getmcpauth

Установка Mcpauth

У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.

▸ github.com/yilmazali325/getmcpauth

FAQ

Mcpauth MCP бесплатный?

Да, Mcpauth MCP бесплатный — установка в пару кликов через Unyly без оплаты.

Нужен ли API-ключ для Mcpauth?

Нет, Mcpauth работает без API-ключей и переменных окружения.

Mcpauth — hosted или self-hosted?

Доступен hosted-вариант: Unyly запускает сервер в облаке, локальная установка не обязательна.

Как установить Mcpauth в Claude Desktop, Claude Code или Cursor?

Открой Mcpauth на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.

Похожие MCP

Compare Mcpauth with

Не уверен что выбрать?

Найди свой стек за 60 секунд

Автор?

Embed-бейдж для README

Похожее

Все в категории development