OAuth MCP Server

by jaysunmah

A complete OAuth 2.1 server implementation for FastMCP with PKCE support.

⚠️ Security Warning

This is an advanced authentication pattern. Building a secure OAuth server requires deep expertise in authentication protocols, cryptography, and security best practices. The FastMCP documentation strongly recommends using Remote OAuth or OAuth Proxy instead unless you have compelling requirements.

See OAUTH_README.md for complete documentation.

Quick Start

Installation

# Install dependencies
uv sync

Run the Server

python main.py

The server will start on http://localhost:8000 with a demo OAuth client registered.

Test the OAuth Flow

In a separate terminal:

python oauth_client_example.py

This will demonstrate the complete OAuth 2.1 flow including:

  • PKCE challenge/verifier generation

  • Authorization code exchange

  • Access token usage

  • Token refresh

Demo Credentials

OAuth Client:

  • Client ID: demo_client

  • Client Secret: demo_secret

Demo User:

  • Username: demo_user

  • Password: demo_password

Project Structure

oauth_mcp/
├── main.py                  # FastMCP server with OAuth
├── oauth_provider.py        # OAuth 2.1 server implementation
├── oauth_client_example.py  # Complete OAuth flow demo
├── client.py                # Original simple client (no auth)
├── OAUTH_README.md          # Complete documentation
└── README.md                # This file

Features

✅ Full OAuth 2.1 implementation
✅ PKCE (Proof Key for Code Exchange)
✅ Authorization code flow
✅ Token refresh with rotation
✅ Token revocation
✅ Scope validation
✅ State parameter for CSRF protection

Documentation

See OAUTH_README.md for:

  • Detailed architecture

  • Security considerations

  • Production deployment guide

  • Database schema

  • Testing strategies

  • Troubleshooting

References

License

Copyright Anysphere Inc.


local-only server

The server can only run on the client's local machine because it depends on local resources.

A complete OAuth 2.1 server implementation for FastMCP with PKCE support, enabling secure authentication and authorization flows. Provides authorization code exchange, token management, and refresh capabilities for building authenticated MCP applications.
