mcp-typescript-simple
Verified Safeby jdutton
Overview
Production-ready MCP (Model Context Protocol) server with dual-mode operation (STDIO & HTTP), multi-LLM integration, and OAuth authentication, designed for horizontal scalability and comprehensive observability.
Installation
npm run dev:stdioEnvironment Variables
- ANTHROPIC_API_KEY
- OPENAI_API_KEY
- GOOGLE_API_KEY
- GOOGLE_CLIENT_ID
- GOOGLE_CLIENT_SECRET
- GITHUB_CLIENT_ID
- GITHUB_CLIENT_SECRET
- MICROSOFT_CLIENT_ID
- MICROSOFT_CLIENT_SECRET
- MICROSOFT_TENANT_ID
- TOKEN_ENCRYPTION_KEY
- REDIS_URL
- NODE_ENV
- MCP_MODE
- HTTP_PORT
- HTTP_HOST
- OTEL_EXPORTER_OTLP_ENDPOINT
- OTEL_SERVICE_NAME
- ALLOWED_USERS
- LOG_LEVEL
Security Notes
The project demonstrates a strong focus on security, including: enforcing spec-driven development for API changes, mandatory pre-commit validation with security checks, explicit detection of unprotected admin endpoints, prevention of sensitive data storage in files for production (enforces Redis/DB), scanning for secrets in logs, OAuth with dynamic client registration (DCR) including rate limiting and secret expiration, PKCE support, and AES-256-GCM encryption for token storage. `helmet` and `cors` are used in the HTTP server. Strict PII logging policies are outlined. Proper configuration of `TOKEN_ENCRYPTION_KEY` and `ALLOWED_USERS` is critical.
Similar Servers
mcp-openapi-server
A Model Context Protocol (MCP) server that exposes OpenAPI endpoints as MCP tools, along with optional support for MCP prompts and resources, enabling Large Language Models to interact with REST APIs.
boilerplate-mcp-server
Provides a production-ready foundation for developing custom Model Context Protocol (MCP) servers in TypeScript to connect AI assistants with external APIs and data sources, exemplified by an IP geolocation tool.
leanmcp-sdk
Building production-ready Model Context Protocol (MCP) servers with TypeScript, supporting features like authentication, elicitation, and UI integration for AI agents.
mcp-server-playground
A playground and reference implementation for a Model Context Protocol (MCP) server, featuring streamable HTTP transport, OAuth proxy for third-party authorization servers like Auth0, and stateful session management.