MCP Server Reference Implementation
@QuantGeekDev
关于 MCP Server Reference Implementation
Reference mcp server implementation of draft mcp oauth spec https://modelcontextprotocol.io/specification/draft/basic/authorization#2-3-authorization-server-discovery
基本信息
配置
工具
未检测到工具
工具是从 README 中自动提取的。维护者可以在 ## Tools 标题下列出工具,即可填充这部分内容。
概览
What is MCP Server Reference Implementation?
MCP Server Reference Implementation is a reference implementation of the draft Authorization spec updates using the official TypeScript SDK. It is intended for developers testing or implementing OAuth 2.1 authorization flows for MCP servers.
How to use MCP Server Reference Implementation?
Clone the repo, run npm i, npm run build, then npm run start. The server starts on port 1335. Use ngrok to tunnel the server with a custom static domain for OAuth 2.1 compliance. Configure the chosen auth provider (Cognito or Keycloak) with the resource server domain.
Key features of MCP Server Reference Implementation
- Implements draft Authorization spec for MCP.
- Supports two authentication providers: Cognito and Keycloak.
- Validates scope
mcp:accessand<resource-id>/mcp:access. - Includes a companion Postman collection for testing.
- Provides environment variable overrides for local development.
Use cases of MCP Server Reference Implementation
- Testing OAuth 2.1 authorization flows in MCP workflows.
- Validating authorization server discovery as per the MCP specification.
- Self-hosting a Keycloak‑based auth server for MCP clients.
- Developing and debugging MCP client authorization integration.
FAQ from MCP Server Reference Implementation
What runtime or dependencies are required?
Node.js and npm are required. The implementation uses the official TypeScript SDK and depends on ngrok for OAuth 2.1 testing.
Where does authentication data live?
Authentication is handled by external providers (Cognito or Keycloak). The server itself does not store user data.
Does this server support OAuth 2.1?
Yes, the implementation follows the draft Authorization spec using OAuth 2.1. OAuth 2.1 does not allow the http protocol, so ngrok with a static domain is recommended.
What transport does the server use?
The server runs on HTTP (or HTTPS via ngrok). No specific transport protocol is mentioned beyond the standard HTTP server.
Are there any known limitations?
The server is a reference implementation for testing and development. It is not intended for production use. OAuth 2.1 requires HTTPS, which necessitates ngrok or a valid TLS certificate.
其他 分类下的更多 MCP 服务器
IDA Pro MCP
mrexodiaAI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

Sequential Thinking
modelcontextprotocolModel Context Protocol Servers
Servers
modelcontextprotocolModel Context Protocol Servers
Reactive Resume
amruthpillaiA one-of-a-kind resume builder that keeps your privacy in mind. Completely secure, customizable, portable, open-source and free forever. Try it out today!
Codelf
unbugA search tool helps dev to solve the naming things problem.
评论