Integrations

Manages environment variables for server configuration, including JWT secrets.
Serves as the web framework for the MCP server, handling HTTP requests and SSE connections for AI tool communication.
Used for version control and project setup via cloning.

🔐 SSE MCP Server with JWT Authentication

This is a Model Context Protocol (MCP) SSE server with JWT-based authentication.
It allows you to expose multiple AI tools over an SSE transport, protected via secure Bearer Token flow.

Built with:

🚀 Node.js + Express
🧩 @modelcontextprotocol/sdk
🔒 JSON Web Tokens (JWT) for authentication
⚙️ Zod for input validation

✅ Fully tested with @modelcontextprotocol/inspector

📂 Project Structure

server/
├── index.ts          # Main Express + MCP server
├── .env              # Environment variables
├── package.json      # Project metadata & scripts
├── tsconfig.json     # TypeScript config
└── README.md         # You are here!

✨ Features

✅ Secure SSE connection using Bearer JWT token
✅ Dynamic Tool registration (echo, time, random number, etc.)
✅ Tested with MCP Inspector
✅ Logs all request lifecycle events
✅ Session management for /message endpoint
🚀 Ready to extend for production use

⚙️ Setup

1. Clone the repository

git clone https://github.com/anisirji/mcp-server-remote-setup-with-jwt-auth.git
cd mcp-server-remote-setup-with-jwt-auth

2. Install dependencies

npm install

3. Create `.env` file

echo "JWT_SECRET=your-secret-key" > .env

4. Run the server

npm run dev

✅ Server will run on:

http://localhost:3001/sse

🧪 Testing the server with MCP Inspector

Step 1 — Install MCP Inspector

📖 Official Docs: MCP Inspector

npx @modelcontextprotocol/inspector

Step 2 — Generate a token

Use cURL to get your JWT token:

curl "http://localhost:3001/auth/token?username=aniket&scope=mcp:access"

✅ Example response:

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Step 3 — Connect MCP Inspector

Open Inspector UI
Set Transport Type: SSE
URL:
http://localhost:3001/sse
Add Authorization Header:
Authorization: Bearer <your-token>
Click Connect

🎉 Success! Your server is now connected.

Step 4 — Test tools

Go to Tools tab in Inspector and click List Tools.

You will see:

✅ test
✅ echo
✅ get-time
✅ random-number

Test them and enjoy!

📖 API Reference

🔑 Generate Token

GET /auth/token?username=<username>&scope=mcp:access

🔌 SSE Endpoint (requires token)

GET /sse
Authorization: Bearer <token>

📩 Send Message to active session

POST /message?sessionId=<sessionId>
Authorization: Bearer <token>

🧩 Tools Reference

Tool Name	Description
`test`	Test connection (security check)
`echo`	Echo back provided message
`get-time`	Returns current server time
`random-number`	Returns random number (min/max)

🗓️ Upcoming Changes

Token revocation list (blacklist)
Role-based tool access (scope checks)
Session heartbeat / keep-alive
Rate limiting & logging
Dockerization for deployment

📚 Useful Resources

👨‍💻 Maintainer

Aniket

📄 License

This project is open-source and free to use.

🚀 Build. Secure. Empower.

This server cannot be installed

-

security - not tested

F

license - not found

-

quality - not tested

A Model Context Protocol server that exposes multiple AI tools over SSE transport with JWT-based secure authentication, allowing for dynamic tool registration and session management.