mcp-server
Verified Safeby JayaSamuthraDevi
Overview
A Model Context Protocol (MCP) server for secure access to billing and compute information, authenticated via Keycloak for AI assistant integration.
Installation
uv run app/main.pyEnvironment Variables
- UPSTREAM_AUTHORIZATION_ENDPOINT
- UPSTREAM_TOKEN_ENDPOINT
- UPSTREAM_CLIENT_ID
- UPSTREAM_CLIENT_SECRET
- JWKS_URI
- AUDIENCE
- ISSUER
- MCP_SERVER_BASE_URL
Security Notes
The server uses OAuth2 via Keycloak for authentication, with sensitive configuration loaded from environment variables (no hardcoded secrets). It leverages httpx for secure asynchronous HTTP requests to upstream services. Upstream API keys and secrets are expected as claims within the verified OAuth token, shifting the security burden for these credentials to the Keycloak setup and token issuance process. No 'eval' or obvious malicious patterns found in the provided code. Requires HTTPS in production and careful handling of client secrets as emphasized in the README.
Similar Servers
mcp-servers
An MCP server for managing files in Google Cloud Storage, supporting CRUD operations (save, get, search, delete) and exposing files as resources.
paddle-mcp-server
Provides LLMs and AI agents with tools for interacting with the Paddle Billing API to manage payments, subscriptions, and other billing-related entities.
stape-mcp-server
Implements an MCP server for the Stape platform, providing comprehensive tools for managing Stape resources such as containers, domains, analytics, schedules, billing, and various platform-specific configurations.
openapi-mcp-server
Converts OpenAPI specifications into Model Context Protocol (MCP) tools, enabling AI assistants to interact with APIs.