authenticated-mcp-servers
Verified Safeby jeffellin
Overview
A Python-based Model Context Protocol (MCP) server providing weather forecasting and alerts from the National Weather Service API, with optional JWT authentication.
Installation
python server.pyEnvironment Variables
- JWT_REQUIRED
- JWT_JWKS_URI
- JWT_CUSTOM_HEADER
- JWT_ALGORITHM
- JWT_AUDIENCE
Security Notes
The server implements JWT authentication using standard practices, fetching JWKS from a configurable URI for public key validation. It properly handles token extraction, validation (signature, expiration, etc.), and error cases (401 Unauthorized). No 'eval' or malicious patterns were found. Configuration is via environment variables, preventing hardcoded secrets. The reliance on an external JWKS URI introduces a trust dependency on that endpoint's security and availability, which is standard for JWT but a point to note. Input validation for weather tools is basic (e.g., coordinate rounding), which is generally sufficient for its purpose.
Similar Servers
WeatherMCP
A simple Model Context Protocol (MCP) server for fetching live weather alerts and forecasts from the U.S. National Weather Service (NWS) API.
nws-mcp-server
Provides real-time weather forecasts and alerts for US locations by integrating with the National Weather Service API.
MCP-demo2-CSCI-435
This server provides real-time weather alerts for US states and detailed forecasts for specific geographic coordinates by interacting with the National Weather Service (NWS) API.
MCP_SERVER_STR
This server acts as a Multi-Agent Communication Protocol (MCP) tool provider, offering weather alerts and forecasts by integrating with the National Weather Service (NWS) API.