MCP Tools
@clerk
Tools for building modern & secure MCP integrations across the client and server side
Overview
What is MCP Tools?
MCP Tools is a library built on top of the MCP TypeScript SDK that simplifies adding OAuth-based authentication to both MCP clients and servers. It is designed for developers who want to let AI applications (like Claude or ChatGPT) access user-protected data (e.g., emails, private repos) after obtaining explicit permission.
How to use MCP Tools?
Install the @clerk/mcp-tools package. For a server, use generateProtectedResourceMetadata to expose a .well-known/oauth-protected-resource endpoint and framework-specific adapters (Express.js, Next.js) to create an MCP request handler. For a client, use createDynamicallyRegisteredMcpClient to initiate an OAuth flow, completeAuthWithCode to handle the callback, and pass a persistent store adapter (e.g., file system, Redis). Then call MCP tools with callTool after reconnecting via getClientBySessionId.
Key features of MCP Tools
- Generates OAuth protected resource metadata per RFC 9728
- Generates authorization server metadata with Clerk or custom overrides
- Provides framework-specific adapters for Express.js and Next.js
- Offers client utilities for dynamic registration and OAuth callback handling
- Supports multiple persistent stores (file system, Redis, etc.)
- Built on the standard MCP TypeScript SDK
Use cases of MCP Tools
- Let an AI assistant access a user’s private GitHub repositories as context
- Enable an AI app to draft and send emails on behalf of the user after review
- Allow an AI to read calendar events from a user’s authorized account
- Build a custom AI agent that interacts with any OAuth-protected API via MCP
FAQ from MCP Tools
How does MCP Tools differ from the plain MCP TypeScript SDK?
MCP Tools wraps the SDK with pre-built helpers for the OAuth authorization flow required by the MCP spec. It handles protected resource metadata generation, authorization server metadata, and OAuth callback orchestration, reducing boilerplate.
What are the runtime dependencies for MCP Tools?
It requires Node.js and the MCP TypeScript SDK. For authentication, it can work with any OAuth 2.0 provider; integration with Clerk is optional but has dedicated helpers. The client side also needs a persistent store (file system for development, Redis for production).
Where does MCP Tools store session data?
Session data is stored externally via a pluggable store adapter. The library provides built-in file system (for dev) and Redis (for production) stores. You can also implement a custom store.
What transport protocol does MCP Tools use?
MCP Tools relies on the HTTP/Streamable HTTP transport defined by the MCP spec. The framework-specific adapters (Express.js, Next.js) handle the underlying request/response objects.
Does MCP Tools support the full MCP authorization flow?
Yes, it supports the latest draft spec with OAuth 2.0 dynamic client registration. The older "authorization server metadata" approach is provided as a fallback but is not fully implemented yet.