Skip to main content
Glama
benoib

ROAST MCP App

by benoib

ROAST MCP App

Skybridge MCP / ChatGPT app for authenticated ROAST users.

The app exposes a protected /mcp endpoint, maps the OAuth identity to a ROAST user_firebase_id, and calls the existing ROAST backend with a server-side backend bearer token. Tool inputs never accept user_firebase_id; user scope is always derived from auth.

Current Tools

  • show_roast_dashboard: dashboard view with account summary, recent profiles, photoshoots, and images.

  • list_my_profiles: recent profile reviews for the authenticated user.

  • list_my_photoshoots: recent photoshoots for the authenticated user.

  • list_my_images: recent visible images for the authenticated user.

Related MCP server: Firebase DAM MCP Server

Setup

Requires Node.js 24+.

npm install
cp .env.example .env
npm run dev

Skybridge runs the MCP endpoint at http://localhost:3000/mcp and DevTools at http://localhost:3000.

Auth Modes

Production: Firebase OAuth Bridge

Use ROAST_MCP_AUTH_MODE=firebase.

The MCP app exposes OAuth-compatible endpoints for ChatGPT/MCP clients:

  • GET/POST /oauth/authorize

  • POST /oauth/token

  • POST /oauth/register

The authorization page signs users into Firebase with their ROAST email and password, then issues an MCP bearer token whose subject is the Firebase UID. That UID is used directly as ROAST user_firebase_id, so paid users keep access to their subscription, coins, products, and photoshoots.

Required variables:

ROAST_MCP_AUTH_MODE=firebase
FIREBASE_WEB_API_KEY=...
MCP_AUTH_JWT_SECRET=...
ROAST_API_BEARER_TOKEN=...

Optional: Auth0

Use ROAST_MCP_AUTH_MODE=auth0 if you want to fall back to Auth0. The access token is verified against Auth0 JWKS, then mapped to ROAST by ROAST_USER_ID_CLAIM or verified email lookup.

Local: Dev Token

Use ROAST_MCP_AUTH_MODE=dev with:

ROAST_MCP_DEV_TOKEN=dev-roast-token
ROAST_MCP_DEV_USER_FIREBASE_ID=<existing-roast-user-firebase-id>

Then connect with:

Authorization: Bearer dev-roast-token

Environment

See .env.example.

Important variables:

  • SERVER_URL: public Skybridge server URL.

  • APP_DOMAIN: public domain for rendered views.

  • ROAST_API_BASE_URL: ROAST backend API base URL.

  • ROAST_API_BEARER_TOKEN: backend-to-backend token accepted by ROAST.

  • AUTH0_DOMAIN: Auth0 tenant domain.

  • AUTH0_AUDIENCE: Auth0 API audience used for MCP access tokens.

Verify

npm run build
F
license - not found
-
quality - not tested
B
maintenance

Maintenance

Maintainers
Response time
Release cycle
Releases (12mo)
Commit activity

Resources

Unclaimed servers have limited discoverability.

Looking for Admin?

If you are the server author, to access and configure the admin panel.

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/benoib/roast-mcp-app'

If you have feedback or need assistance with the MCP directory API, please join our Discord server