Introduce MCP Auth - Plug-and-play auth for MCP servers
MCP Auth gives you everything you need to add production-ready auth to your MCP server. No weeks spent reading specs or wiring things up.
Founder
When building an MCP server, auth will be unavoidable at some point. As you check the MCP spec, you’ll quickly come across some RFCs:
- OAuth 2.1 IETF DRAFT
- OAuth 2.0 Authorization Server Metadata (RFC8414)
- OAuth 2.0 Dynamic Client Registration Protocol (RFC7591)
Not familiar with these? You’re not alone. Even OAuth 2.0 is widely adopted, understanding and implementing it correctly still takes time. MCP is built on solid foundations with these standards, so the best approach is to follow the spec. That’s exactly where MCP Auth comes in.
The good news: you don't have to do it from scratch.
We are introducing MCP Auth: everything you need to add production-ready auth to your MCP server.
What is MCP Auth?
MCP Auth offers a set of tools and tutorials to help you implement auth for MCP servers. It helps you integrate with any RFC-compliant OAuth 2.1 / OIDC provider using just a few lines of code:
How to get started with MCP Auth?
Visit mcp-auth.dev to get started.
Our first release includes SDKs for Python and Node.js, tested with providers like Logto and Keycloak.
Not sure if your provider is compliant? Try our provider test tool to find out.
What’s next?
We’re working on adding more SDKs, more tutorials, and better support for different providers. If you have questions or ideas, feel free to start a discussion.
Happy building!