MCP_Server_with_http_OAuth_stdio
Verified Safeby Legitate
Overview
A dual-transport (HTTP/STDIO) Model Context Protocol server for managing employee records, featuring OAuth 2.0 authentication for HTTP and JSON-RPC 2.0 for STDIO.
Installation
npm startSecurity Notes
The server implements OAuth 2.0 client credentials flow for its HTTP API, including token registration, generation, and validation with expiration. All HTTP API calls are authenticated. The STDIO server, intended for local MCP clients like Claude Desktop, allows for optional token-based authentication during initialization; if no token is provided, requests are processed unauthenticated. While this is justified by its 'local process' use case in the documentation, it means the STDIO server is effectively unsecured unless manually configured with a token. There are no direct 'eval' or arbitrary code execution patterns identified from user input. Employee data and OAuth tokens are stored in local JSON files.
Similar Servers
frontmcp
Develop and integrate third-party API services using the Model Context Protocol (MCP) framework, enabling AI models to interact with external systems through defined tools, resources, and prompts.
mcp-server-playground
A Model Context Protocol (MCP) server that acts as an OAuth proxy for 3rd party authorization servers like Auth0, provides stateful session management, and exposes various tools for system time, streaming, project keyword searching, and AWS services (S3, ECS, CloudWatch Logs, Bedrock).
nitro-mcp-server
This project serves as a Model Context Protocol (MCP) server demonstrating streamable HTTP transport with pluggable authentication providers (Auth0, Microsoft Entra ID) and schema-validated tools/resources.
mcp-oauth-server
OAuth 2.1 Authorization Server implementation for the Model Context Protocol (MCP) to manage client and user authentication.