Auth Servers
π Reference MCP servers that demo how authentication works with the current Model Context Protocol spec.
Ask AI about Auth Servers
Powered by Claude Β· Grounded in docs
I know everything about Auth Servers. Ask me about installation, configuration, usage, or troubleshooting.
0/500
Reviews
Documentation
[!IMPORTANT] This is now moved under one of the official Microsoft-supported GitHub organizations. Please use that repository as a point of reference.
π MCP Server Authentication Reference Collection
Reference servers that demo how authentication works with the current Model Context Protocol spec.
[!WARNING] Code presented here is for demo purposes only. Your specific scenarios (including rules inside your enterprise, specific security controls, or other protection mechanisms) may differ from the ones that are outlined in this repository. Always conduct a security audit and threat modeling for any production and customer-facing assets that require authentication and authorization.
Scenarios
Servers above are designed for various runtime scenarios. They are tagged as follows:
- Remote MCP servers:
- Local MCP servers:
- Dual-purpose MCP servers (can run locally or remotely):
Supported identity providers
| Provider | Scenario | Server Type | Implementation | State |
|---|---|---|---|---|
| Entra ID | Confidential client, mapped to session token. |  | entra-id-cca-session |  |
| Entra ID | Public client, using WAM |  | entra-id-local-wam | |
| GitHub | GitHub application w/OAuth, mapped to session token. | | github-app-session | |