SSE MCP Server with JWT Authentication

by MCP-Mirror

This is a Model Context Protocol (MCP) SSE server with JWT-based authentication. It allows you to expose multiple AI tools over an SSE transport, protected by a Bearer token flow.

What is SSE MCP Server with JWT Authentication?

This is a Node.js and Express-based server that implements the Model Context Protocol (MCP) over Server-Sent Events (SSE) with JWT authentication. It provides a secure way to expose AI tools and manage sessions.

How to use SSE MCP Server with JWT Authentication?

To use this server, clone the repository, install dependencies, create a .env file with a JWT secret, and run the server. You can then generate a JWT token using the /auth/token endpoint and connect to the SSE endpoint (/sse) with the token in the Authorization header. The server can be tested using MCP Inspector.

Key features of SSE MCP Server with JWT Authentication

  • Secure SSE connection using Bearer JWT token

  • Dynamic Tool registration

  • Tested with MCP Inspector

  • Logs all request lifecycle events

  • Session management for /message endpoint

  • Ready to extend for production use

Use cases of SSE MCP Server with JWT Authentication

  • Exposing AI tools securely

  • Managing AI tool sessions

  • Integrating AI tools with MCP Inspector

  • Building secure AI applications

  • Providing a standardized interface for AI tools

FAQ from SSE MCP Server with JWT Authentication

How do I generate a JWT token?

Use the GET /auth/token endpoint with a username and scope.

How do I connect to the SSE endpoint?

Use the GET /sse endpoint with the Authorization header set to 'Bearer <your-token>'.

What tools are available by default?

The server includes 'test', 'echo', 'get-time', and 'random-number' tools.

How do I test the server?

Use MCP Inspector to connect to the server and test the available tools.

What are the upcoming changes?

Planned features include token revocation, role-based access, session heartbeat, rate limiting, and Dockerization.