MCP.so
Sign In

Implementing Streamable HTTP MCP Server with Browser-based OAuth

@asibyl

About Implementing Streamable HTTP MCP Server with Browser-based OAuth

MCP Streamable HTTP Server with Standard Browser OAuth

Basic information

Category

Developer Tools

Runtime

node

Transports

stdio

Publisher

asibyl

Config

Add this server to your MCP-compatible client using the configuration below.

{
  "mcpServers": {
    "streamable-http-oauth": {
      "command": "npx",
      "args": [
        "tsx",
        "server/index_streamable.ts"
      ],
      "env": {
        "GITHUB_CLIENT_ID": "",
        "GITHUB_CLIENT_SECRET": ""
      }
    }
  }
}

Tools

No tools detected

We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.

Overview

What is Implementing Streamable HTTP MCP Server with Browser-based OAuth?

An MCP server that uses Streamable HTTP transport and browser-based OAuth with GitHub. It handles client authorization requests through custom OAuth endpoints, verifying access tokens and managing session-based transport connections. Built for developers who need an MCP server that delegates authentication to GitHub’s OAuth flow.

How to use Implementing Streamable HTTP MCP Server with Browser-based OAuth?

Clone the repository, run npm install, set GITHUB_CLIENT_ID and GITHUB_CLIENT_SECRET environment variables, then start the server with npx tsx server/index.ts. Clients interact via POST to /mcp, /authorize, and /token endpoints.

Key features of Implementing Streamable HTTP MCP Server with Browser-based OAuth

  • Streamable HTTP server with /mcp endpoint
  • Browser-based GitHub OAuth authorization
  • Custom PKCE challenge and verifier generation
  • Access token verification and session management
  • OAuthServerProvider implementation for extensibility

Use cases of Implementing Streamable HTTP MCP Server with Browser-based OAuth

  • MCP clients that need delegated authorization via GitHub
  • Prototyping OAuth flows within the Model Context Protocol
  • Building secure MCP services with third-party authentication

FAQ from Implementing Streamable HTTP MCP Server with Browser-based OAuth

What is Streamable HTTP transport?

The server uses a single POST endpoint (/mcp) for all JSON-RPC messages instead of SSE or WebSocket, and manages sessions via a simple transport abstraction.

How does the OAuth flow work?

The client is redirected to GitHub’s authorization endpoint. After the user authorizes, GitHub returns an access token to the server, which stores it and issues a server‑owned access token to the client via /token.

What environment variables are required?

GITHUB_CLIENT_ID and GITHUB_CLIENT_SECRET must be set from a GitHub OAuth App created in your GitHub Developer Settings.

What are the runtime dependencies?

Node.js with npm. The server is started with tsx and depends on the packages installed via npm install.

Where are access tokens stored?

Access tokens are stored in memory on the server along with the client ID. No persistent storage is described.

Comments

More Developer Tools MCP servers