cerbos-mcp-authorization-demo

Verified Safe

by cerbos

Overview

Implements role-based access control for AI Assistant tools using Model Context Protocol (MCP) and Cerbos policies.

Installation

Run Command
npm start

Security Notes

The server includes a simulated user authentication (`req.user = { ... }`) for demonstration purposes, explicitly stating it should be replaced with OAuth in production. This is not a vulnerability in the context of a demo but a critical point for deployment. The Cerbos client connects to `localhost:3593` without TLS, which is acceptable for local development but would be a network risk if the Cerbos PDP were exposed publicly without TLS. No 'eval' or direct malicious patterns are present in the provided source code.

Stats

Interest Score: 34
Security Score: 8
Cost Class: Low
Avg Tokens: 50
Stars: 4
Forks: 0
Last Update: 2026-01-12

Tags

AI Assistants, Role-Based Access Control, Cerbos, Model Context Protocol, Node.js