77 lines
2.5 KiB
Markdown
77 lines
2.5 KiB
Markdown
# Implementing OAuth Authentication for MCP Servers
|
|
|
|
When using **SSE** or **Streamable HTTP** connections, implementing authentication mechanisms is recommended for enhanced security. MCP officially recommends using the OAuth protocol. This guide demonstrates how to debug OAuth-authenticated APIs using openmcp-client, using GitHub user information as an example.
|
|
|
|
## 1. Obtain GitHub OAuth Credentials
|
|
|
|
To access GitHub user APIs, you'll need to create an OAuth application:
|
|
|
|
1. Visit [GitHub Developers](https://github.com/settings/developers)
|
|
2. Click `New OAuth App`
|
|
3. Enter any application name
|
|
4. Set `Homepage URL` to `http://localhost:8000`
|
|
5. Set `Authorization callback URL` to `http://localhost:8000/github/callback`
|
|
6. Click `Register application`
|
|
|
|
|
|
|
|
After registration:
|
|
- Save your `Client ID`
|
|
- Click `Generate a new client secret` (note: secrets are only visible once at generation)
|
|
|
|
## 2. Configure Environment Variables
|
|
|
|
Set your credentials as environment variables:
|
|
|
|
::: code-group
|
|
```bash [bash]
|
|
export MCP_GITHUB_CLIENT_ID={{Client ID}}
|
|
export MCP_GITHUB_CLIENT_SECRET={{secret}}
|
|
```
|
|
|
|
```powershell [PowerShell]
|
|
$env:MCP_GITHUB_CLIENT_ID = "your_id"
|
|
$env:MCP_GITHUB_CLIENT_SECRET = "your_secret"
|
|
```
|
|
|
|
```cmd [CMD]
|
|
set MCP_GITHUB_CLIENT_ID={{Client ID}}
|
|
set MCP_GITHUB_CLIENT_SECRET={{secret}}
|
|
:::
|
|
|
|
> Note: Avoid quotes when setting variables in CMD
|
|
|
|
## 3. Clone Reference Implementation
|
|
|
|
Deploy an OAuth-enabled MCP server using the [official Python example](https://github.com/modelcontextprotocol/python-sdk/tree/main/examples/servers/simple-auth):
|
|
|
|
```bash
|
|
git clone https://github.com/modelcontextprotocol/python-sdk/
|
|
cd examples/servers/simple-auth
|
|
```
|
|
|
|
## 4. Launch MCP Server
|
|
|
|
1. Create a virtual environment
|
|
2. Install dependencies
|
|
3. Run with `uv` or `python main.py`
|
|
|
|
> Important: Environment variables must be set first to avoid `2 validation errors for ServerSettings`
|
|
|
|
## 5. Connect with openmcp-client
|
|
|
|
Connect to your server via web or VSCode:
|
|
|
|
1. Click "+" to add connection
|
|
2. Set URL based on server's transport:
|
|
- SSE: `http://localhost:8000/sse`
|
|
- Streamable HTTP: `http://localhost:8000/mcp`
|
|
3. Leave auth signature blank
|
|
|
|
On first connection, a browser window will open for OAuth authentication. After successful auth, the window will automatically close.
|
|
|
|
|
|
|
|
Once authenticated, access the `get_user_profile` tool to retrieve your GitHub profile:
|
|
|
|
 |