mcpauth
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@mcpauthadd OAuth authentication to my MCP server"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
mcpauth
Drop-in OAuth 2.1 + Dynamic Client Registration (RFC 7591) for MCP servers, backed by mcpauth.
Wraps the official @modelcontextprotocol/sdk's requireBearerAuth middleware so unauthenticated or invalid requests get rejected with a spec-correct 401 before they ever reach your MCP server's handlers.
Install
npm install getmcpauthRelated MCP server: OAuth MCP Server
Usage
import express from "express";
import { mcpAuth } from "getmcpauth";
const app = express();
app.use(
"/mcp",
mcpAuth({ registrationSecret: process.env.MCPAUTH_SECRET })
);
// Unauthenticated or invalid requests never reach this handler.
app.post("/mcp", handleMcpRequest);Get a registrationSecret by creating a project at getmcpauth.dev/dashboard — it's your MCP server's credential for both Dynamic Client Registration and token verification.
MCP clients (Claude, ChatGPT, custom agent frameworks) then discover your auth setup automatically via /.well-known/oauth-authorization-server — no manual client configuration needed.
API
mcpAuth(options)— the middleware above. Successful token verifications are cached in-process (default 30s) so a chatty agent conversation doesn't trigger a network round trip on every tool call.McpAuthTokenVerifier— implements the official SDK'sOAuthTokenVerifierinterface directly, for non-Express use.mintToken(options)— for MCP servers embedded in a product that already has its own users: your backend, which already knows who its logged-in user is, mints a token server-to-server without routing that user through mcpauth's own login.protectedResourceMetadata(options)/mcpAuthResourceMetadataHandler(options)— RFC 9728 resource-metadata helpers.
Full docs: getmcpauth.dev/docs
License
MIT
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/yilmazali325/getmcpauth'
If you have feedback or need assistance with the MCP directory API, please join our Discord server