python-authenticated-mcp-server-scaffold
Verified Safeby albertjoseph0
Overview
Provides an authenticated Model Context Protocol (MCP) server that exposes proprietary data sources, specifically travel-industry expert-call transcripts from an OpenAI Vector Store and structured airfare trend data from local files, to ChatGPT or other MCP-capable clients.
Installation
python -m server.appEnvironment Variables
- OPENAI_API_KEY
- VECTOR_STORE_ID
- AUTH0_ISSUER
- RESOURCE_SERVER_URL
- JWT_AUDIENCES
Security Notes
The server uses Auth0 for OAuth 2.1 bearer token authentication with JWT validation via JWKS, which is a standard and robust approach. Environment variables are correctly utilized for sensitive information like API keys and issuer URLs, preventing hardcoding. The Python `JWTVerifier` explicitly notes that it 'does not contain entitlements' and 'you must add your own entitlements,' indicating that fine-grained authorization logic beyond basic token validity needs to be implemented by the developer. The `SimpleTokenVerifier` is present but not used in the main application. Overall, it provides a secure foundation, but requires developer attention for full authorization implementation.
Similar Servers
mcp-openapi-server
A Model Context Protocol (MCP) server that exposes OpenAPI endpoints as MCP tools, along with optional support for MCP prompts and resources, enabling Large Language Models to interact with REST APIs.
tmcp
A server implementation for the Model Context Protocol (MCP) to enable LLMs to access external context and tools.
opensearch-mcp-server-py
Enables AI assistants and LLMs to interact with OpenSearch clusters by providing a standardized Model Context Protocol (MCP) interface through built-in and dynamic tools.
noteit-mcp
Provides an HTTP Model Context Protocol (MCP) server for AI coding tools to access structured agent profiles and personalized notes, enhancing AI development workflows.