Public
mcp-server-remote-setup-with-jwt-auth
2025-04-05
Secure middleware server implementing Model Context Protocol (MCP) over SSE with JWT authentication. Enables standardized communication between AI tools and clients with dynamic tool registration, request logging, and session management. Perfect for building production-ready AI systems requiring secure access patterns.
1
Github Watches
0
Github Forks
1
Github Stars
🔐 SSE MCP Server with JWT Authentication
This is a Model Context Protocol (MCP) SSE server with JWT-based authentication.
It allows you to expose multiple AI tools over an SSE transport, protected via secure Bearer Token flow.
Built with:
- 🚀 Node.js + Express
- 🧩 @modelcontextprotocol/sdk
- 🔒 JSON Web Tokens (JWT) for authentication
- ⚙️ Zod for input validation
✅ Fully tested with
@modelcontextprotocol/inspector
📂 Project Structure
server/
├── index.ts # Main Express + MCP server
├── .env # Environment variables
├── package.json # Project metadata & scripts
├── tsconfig.json # TypeScript config
└── README.md # You are here!
✨ Features
- ✅ Secure SSE connection using Bearer JWT token
- ✅ Dynamic Tool registration (echo, time, random number, etc.)
- ✅ Tested with MCP Inspector
- ✅ Logs all request lifecycle events
- ✅ Session management for /message endpoint
- 🚀 Ready to extend for production use
⚙️ Setup
1. Clone the repository
git clone https://github.com/anisirji/mcp-server-remote-setup-with-jwt-auth.git
cd mcp-server-remote-setup-with-jwt-auth
2. Install dependencies
npm install
3. Create .env file
echo "JWT_SECRET=your-secret-key" > .env
4. Run the server
npm run dev
✅ Server will run on:
http://localhost:3001/sse
🧪 Testing the server with MCP Inspector
Step 1 — Install MCP Inspector
📖 Official Docs: MCP Inspector
npx @modelcontextprotocol/inspector
Step 2 — Generate a token
Use cURL to get your JWT token:
curl "http://localhost:3001/auth/token?username=aniket&scope=mcp:access"
✅ Example response:
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}
Step 3 — Connect MCP Inspector
- Open Inspector UI
- Set Transport Type: SSE
- URL:
http://localhost:3001/sse - Add Authorization Header:
Authorization: Bearer <your-token> - Click Connect
🎉 Success! Your server is now connected.
Step 4 — Test tools
Go to Tools tab in Inspector and click List Tools.
You will see:
- ✅
test - ✅
echo - ✅
get-time - ✅
random-number
Test them and enjoy!
📖 API Reference
🔑 Generate Token
GET /auth/token?username=<username>&scope=mcp:access
🔌 SSE Endpoint (requires token)
GET /sse
Authorization: Bearer <token>
📩 Send Message to active session
POST /message?sessionId=<sessionId>
Authorization: Bearer <token>
🧩 Tools Reference
| Tool Name | Description |
|---|---|
test |
Test connection (security check) |
echo |
Echo back provided message |
get-time |
Returns current server time |
random-number |
Returns random number (min/max) |
🗓️ Upcoming Changes
- Token revocation list (blacklist)
- Role-based tool access (scope checks)
- Session heartbeat / keep-alive
- Rate limiting & logging
- Dockerization for deployment
📚 Useful Resources
👨💻 Maintainer
Aniket
📄 License
This project is open-source and free to use.
🚀 Build. Secure. Empower.
相关推荐
I find academic articles and books for research and literature reviews.
Confidential guide on numerology and astrology, based of GG33 Public information
Emulating Dr. Jordan B. Peterson's style in providing life advice and insights.
Your go-to expert in the Rust ecosystem, specializing in precise code interpretation, up-to-date crate version checking, and in-depth source code analysis. I offer accurate, context-aware insights for all your Rust programming questions.
Advanced software engineer GPT that excels through nailing the basics.
Converts Figma frames into front-end code for various mobile frameworks.
Take an adjectivised noun, and create images making it progressively more adjective!
Discover the most comprehensive and up-to-date collection of MCP servers in the market. This repository serves as a centralized hub, offering an extensive catalog of open-source and proprietary MCP servers, complete with features, documentation links, and contributors.
The all-in-one Desktop & Docker AI application with built-in RAG, AI agents, No-code agent builder, MCP compatibility, and more.
Micropython I2C-based manipulation of the MCP series GPIO expander, derived from Adafruit_MCP230xx
Fair-code workflow automation platform with native AI capabilities. Combine visual building with custom code, self-host or cloud, 400+ integrations.
🧑🚀 全世界最好的LLM资料总结(Agent框架、辅助编程、数据处理、模型训练、模型推理、o1 模型、MCP、小语言模型、视觉语言模型) | Summary of the world's best LLM resources.
Reviews
4
(1)
user_dw2fwAJ1
2025-04-17
I've been using mcp-server-remote-setup-with-jwt-auth for a while now, and it has simplified my server setup process tremendously. The JWT authentication ensures a secure connection, and the documentation on GitHub by anisirji is clear and easy to follow. Highly recommend this for anyone in need of a reliable remote setup solution.