Skip to main content

Python and Node.js SDKs are now available!

Plug-and-play auth for MCP servers

MCP Auth gives you everything you need to add production-ready auth to your MCP server. No weeks spent reading specs or wiring things up.

Get started

Why MCP Auth?

Skip the specs. Skip the boilerplate. Just auth.

The MCP spec requires OAuth 2.1 and other RFCs, providing a solid foundation for auth. With MCP Auth, you can take it further by connecting to a trusted provider in just a few lines of code.

Get started

Connect to any provider. It's provider-agnostic.

MCP Auth works with any compliant OAuth 2.1 or OpenID Connect provider. Choose one from our verified list or use the tool to check if your provider is compliant.

Check out providers

Let's ship fast, and be secure.

Go for production? We've got you covered. MCP Auth follows the spec and best practices, so you can launch with confidence.

It really can be just a few lines of code

mcp = FastMCP("MyMCPServer")
mcp_auth = MCPAuth(server=fetch_server_config('<auth-server-url>', type=AuthServerType.OIDC))
app = Starlette(
    # ... your MCP server setup
    middleware=[Middleware(
        mcp_auth.bearer_auth_middleware("jwt", required_scopes=["read", "write"])
    )]
)

# Use `mcp_auth.auth_info` to access the auth information for the current request
@mcp.tool()
def whoami() -> dict[str, Any]:
    return mcp_auth.auth_info.claims

How about the MCP SDKs?

The official MCP SDKs (Python, Node.js, etc.) are a great starting point. MCP Auth uses them in all tutorials and it can serve a strong supplement to your existing setup.

MCP Auth bridges the gap between "it runs" and "it's secure, scalable, and maintainable" for authentication and authorization.

It's designed to work alongside the SDKs by offering:

  • First-class JWT support
  • Provider-agnostic tools
  • Step-by-step guides for various identity providers

Plus, we keep up with changes to the MCP spec and SDKs, so you don’t have to.