HTTP + SSE MCP Server w/ OAuth
by NapthaAI
This repository provides a reference implementation for creating a remote MCP server that supports the Streamable HTTP & SSE Transports, authorized with OAuth based on the MCP specification. It includes an MCP server and an Express.js application that manages both the SSE and Streamable HTTP transports, as well as OAuth authorization.
Last updated: N/A
What is HTTP + SSE MCP Server w/ OAuth?
This is a reference implementation for an MCP server that supports Streamable HTTP and SSE transports, authorized with OAuth. It includes an MCP server and an Express.js application for managing transports and OAuth.
How to use HTTP + SSE MCP Server w/ OAuth?
Fork the repository and plug in your own MCP server and OAuth credentials into the provided Express.js application. Configure OAuth with an upstream provider like Auth0, ensuring support for Dynamic Client Registration. Run either the stateless or stateful server implementation using Bun.
Key features of HTTP + SSE MCP Server w/ OAuth
Streamable HTTP transport support
SSE transport support
OAuth authorization
Dynamic Client Registration support
Express.js application for transport and OAuth management
Stateless and stateful server implementations
Use cases of HTTP + SSE MCP Server w/ OAuth
Integrating MCP with OAuth-protected environments
Building MCP servers with streamable HTTP transport
Creating MCP servers with SSE transport
Developing MCP clients that require OAuth authorization
Connecting MCP servers to hosts like Cursor and Claude Desktop
FAQ from HTTP + SSE MCP Server w/ OAuth
Why use this repository?
Why use this repository?
It provides a working reference implementation for an OAuth-authorized MCP server with streamable HTTP, which lacks documentation and complete implementations in existing SDKs.
What dependencies are required?
What dependencies are required?
Bun is the recommended runtime and package manager. Limited compatibility testing has been done with npm + tsc.
What is Dynamic Client Registration?
What is Dynamic Client Registration?
It's an OAuth feature required by the MCP specification that allows MCP clients to obtain Client IDs without user registration.
Which OAuth providers support Dynamic Client Registration?
Which OAuth providers support Dynamic Client Registration?
Auth0 is recommended. Providers like Google and GitHub do not support it directly.
How can I test the MCP server?
How can I test the MCP server?
You can plug the remote server into an MCP host like Cursor or Claude Desktop, or into a TypeScript/JavaScript application directly using StreamableHTTPClientTransport.