MCPServer-with-Auth
Verified Safeby nskw-d
Overview
Auth0-protected MCP server and client demonstrating authenticated tool access for AI agent integration.
Installation
uv run mcp_server.pyEnvironment Variables
- AUTH0_DOMAIN
- AUTH0_CLIENT_ID
- AUTH0_CLIENT_SECRET
- AUTH0_AUDIENCE
- JWT_ALGORITHM
- MCP_HOST
- MCP_PORT
- REQUIRED_PERMISSION
- OAUTH_CALLBACK_URI
- OAUTH_CALLBACK_PORT
- GOOGLE_API_KEY
Security Notes
The server correctly implements JWT verification using Auth0's JWKS endpoint, validating tokens for algorithms, audience, and issuer. Secrets are appropriately loaded from environment variables. The client's OAuth authorization code flow involves a local HTTP server for callbacks, a standard practice for CLI applications. Error handling for JWT and OAuth processes is present. While the client relies on Selenium WebDriver, which requires a correct setup, and a GOOGLE_API_KEY is used, these are managed through environment variables and standard library usage.
Similar Servers
AI-Gateway
The project serves as a collection of labs demonstrating AI Gateway capabilities with Azure API Management, focusing on Model Context Protocol (MCP) to enable plug-and-play tool integration for Large Language Models (LLMs).
mcp-servers
A curated collection of Model Context Protocol (MCP) server configurations to integrate various developer tools and services with AI agents.
example-remote-server
A reference server demonstrating all Model Context Protocol (MCP) features and OAuth 2.0 authentication patterns.
zeromcp
A minimal, pure Python Model Context Protocol (MCP) server for exposing tools, resources, and prompts via HTTP/SSE and Stdio transports.