MCP.so
ログイン

MCP Server Reference Implementation

@QuantGeekDev

MCP Server Reference Implementation について

Reference mcp server implementation of draft mcp oauth spec https://modelcontextprotocol.io/specification/draft/basic/authorization#2-3-authorization-server-discovery

基本情報

カテゴリ

その他

ランタイム

node

トランスポート

stdio

公開者

QuantGeekDev

設定

標準の設定はありません

このサーバーの README には解析可能な MCP 設定ブロックが含まれていません。インストール手順はリポジトリをご確認ください。

リポジトリ

ツール

ツールは検出されませんでした

ツールは README から自動的に抽出されます。メンテナーは ## Tools という見出しの下に記載することで、このタブに反映できます。

概要

What is MCP Server Reference Implementation?

MCP Server Reference Implementation is a reference implementation of the draft Authorization spec updates using the official TypeScript SDK. It is intended for developers testing or implementing OAuth 2.1 authorization flows for MCP servers.

How to use MCP Server Reference Implementation?

Clone the repo, run npm i, npm run build, then npm run start. The server starts on port 1335. Use ngrok to tunnel the server with a custom static domain for OAuth 2.1 compliance. Configure the chosen auth provider (Cognito or Keycloak) with the resource server domain.

Key features of MCP Server Reference Implementation

  • Implements draft Authorization spec for MCP.
  • Supports two authentication providers: Cognito and Keycloak.
  • Validates scope mcp:access and <resource-id>/mcp:access.
  • Includes a companion Postman collection for testing.
  • Provides environment variable overrides for local development.

Use cases of MCP Server Reference Implementation

  • Testing OAuth 2.1 authorization flows in MCP workflows.
  • Validating authorization server discovery as per the MCP specification.
  • Self-hosting a Keycloak‑based auth server for MCP clients.
  • Developing and debugging MCP client authorization integration.

FAQ from MCP Server Reference Implementation

What runtime or dependencies are required?

Node.js and npm are required. The implementation uses the official TypeScript SDK and depends on ngrok for OAuth 2.1 testing.

Where does authentication data live?

Authentication is handled by external providers (Cognito or Keycloak). The server itself does not store user data.

Does this server support OAuth 2.1?

Yes, the implementation follows the draft Authorization spec using OAuth 2.1. OAuth 2.1 does not allow the http protocol, so ngrok with a static domain is recommended.

What transport does the server use?

The server runs on HTTP (or HTTPS via ngrok). No specific transport protocol is mentioned beyond the standard HTTP server.

Are there any known limitations?

The server is a reference implementation for testing and development. It is not intended for production use. OAuth 2.1 requires HTTPS, which necessitates ngrok or a valid TLS certificate.

コメント

「その他」の他のコンテンツ