MCP_Server_with_http_OAuth_stdio
Verified Safeby Legitate
Overview
A dual-transport (HTTP/STDIO) Model Context Protocol server for managing employee records, featuring OAuth 2.0 authentication for HTTP and JSON-RPC 2.0 for STDIO.
Installation
npm startSecurity Notes
The server implements OAuth 2.0 client credentials flow for its HTTP API, including token registration, generation, and validation with expiration. All HTTP API calls are authenticated. The STDIO server, intended for local MCP clients like Claude Desktop, allows for optional token-based authentication during initialization; if no token is provided, requests are processed unauthenticated. While this is justified by its 'local process' use case in the documentation, it means the STDIO server is effectively unsecured unless manually configured with a token. There are no direct 'eval' or arbitrary code execution patterns identified from user input. Employee data and OAuth tokens are stored in local JSON files.
Similar Servers
example-remote-server
A reference server demonstrating all Model Context Protocol (MCP) features and OAuth 2.0 authentication patterns.
node-mcp-server
A template for building Model Context Protocol (MCP) compatible servers with support for multiple transport protocols like HTTP, SSE, and standard I/O.
server-filesystem
Provides a secure Node.js server implementing Model Context Protocol (MCP) for AI clients to perform a wide range of filesystem operations with strict access control.
WeDaka-MCP
This MCP server provides an interface for an AI agent to interact with an employee time-tracking and clock-in/out system (WeDaka).