Oauth2.1 Server
Reference mcp server implementation of draft mcp oauth spec https://modelcontextprotocol.io/specification/draft/basic/authorization#2-3-authorization-server-discovery
Installation
npx mcp-oauth2-1-serverAsk AI about Oauth2.1 Server
Powered by Claude · Grounded in docs
I know everything about Oauth2.1 Server. Ask me about installation, configuration, usage, or troubleshooting.
0/500
Reviews
Documentation
MCP Server Reference Implementation
This is a reference MCP Server implementation of the draft Authorization spec updates using the official typescript sdk.
This repo can be used with this Postman collection
Authentication Providers
There are two separate auth provider options:
- Cognito
- Keycloak (self-hosted)
We validate the scope: mcp:access, with <resource-id>/mcp:access. For example, https://mcp-server.com/mcp:access
Important Note
Keep in mind that OAuth 2.1 doesn't allow http protocol, so you will want to use ngrok with a static url (available for free from ngrok) to properly test this out.
If you want to use localhost without ngrok because you don't care, you can override the PORT and PROTOCOL env variables for the authorization and resource servers by setting them in .envs (check config folder if you're confused)
Setup with ngrok
-
Build and start the server:
npm i npm run build npm run start -
The MCP server will start on port 1335.
-
In another terminal, create the ngrok tunnel to the MCP server:
ngrok http --domain=<get-a-custom-domain-from-ngrok(free)-and-place-here> 1335 -
Configure this resource server in the
Domainstab of your AWS Cognito dashboard