🔐 SSE MCP Server with JWT Authentication
This is a Model Context Protocol (MCP) SSE server with JWT-based authentication.
It allows you to expose multiple AI tools over an SSE transport, protected via secure Bearer Token flow.
Built with:
- 🚀 Node.js + Express
- 🧩 @modelcontextprotocol/sdk
- 🔒 JSON Web Tokens (JWT) for authentication
- ⚙️ Zod for input validation
✅ Fully tested with
@modelcontextprotocol/inspector
📂 Project Structure
✨ Features
- ✅ Secure SSE connection using Bearer JWT token
- ✅ Dynamic Tool registration (echo, time, random number, etc.)
- ✅ Tested with MCP Inspector
- ✅ Logs all request lifecycle events
- ✅ Session management for /message endpoint
- 🚀 Ready to extend for production use
⚙️ Setup
1. Clone the repository
2. Install dependencies
3. Create .env
file
4. Run the server
✅ Server will run on:
🧪 Testing the server with MCP Inspector
Step 1 — Install MCP Inspector
📖 Official Docs: MCP Inspector
Step 2 — Generate a token
Use cURL to get your JWT token:
✅ Example response:
Step 3 — Connect MCP Inspector
- Open Inspector UI
- Set Transport Type: SSE
- URL:
- Add Authorization Header:
- Click Connect
🎉 Success! Your server is now connected.
Step 4 — Test tools
Go to Tools tab in Inspector and click List Tools.
You will see:
- ✅
test
- ✅
echo
- ✅
get-time
- ✅
random-number
Test them and enjoy!
📖 API Reference
🔑 Generate Token
🔌 SSE Endpoint (requires token)
📩 Send Message to active session
🧩 Tools Reference
Tool Name | Description |
---|---|
test | Test connection (security check) |
echo | Echo back provided message |
get-time | Returns current server time |
random-number | Returns random number (min/max) |
🗓️ Upcoming Changes
- Token revocation list (blacklist)
- Role-based tool access (scope checks)
- Session heartbeat / keep-alive
- Rate limiting & logging
- Dockerization for deployment
📚 Useful Resources
👨💻 Maintainer
Aniket
📄 License
This project is open-source and free to use.
🚀 Build. Secure. Empower.
This server cannot be installed
remote-capable server
The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.
模型上下文协议服务器通过基于 JWT 的安全身份验证通过 SSE 传输公开多个 AI 工具,从而实现动态工具注册和会话管理。
Related MCP Servers
- -securityFlicense-qualityA demonstration implementation of the Model Context Protocol server that facilitates communication between AI models and external tools while maintaining context awareness.Last updated -
- -securityFlicense-qualityA comprehensive Model Context Protocol server implementation that enables AI assistants to interact with file systems, databases, GitHub repositories, web resources, and system tools while maintaining security and control.Last updated -71
- AsecurityFlicenseAqualityA server that enables AI to access external services through the Model Context Protocol, specifically integrating with an authentication system to obtain login tickets.Last updated -1