Mcp Server Remote Setup With Jwt Auth
What is Mcp Server Remote Setup With Jwt Auth
mcp-server-remote-setup-with-jwt-auth is a secure middleware server that implements the Model Context Protocol (MCP) over Server-Sent Events (SSE) with JWT authentication. It facilitates standardized communication between AI tools and clients, featuring dynamic tool registration, request logging, and session management, making it ideal for production-ready AI systems that require secure access patterns.
Use cases
Use cases include building secure AI applications that require real-time data streaming, integrating multiple AI tools into a single interface, and managing user sessions securely while logging interactions for auditing purposes.
How to use
To use mcp-server-remote-setup-with-jwt-auth, clone the repository, install the dependencies, create a .env file with your JWT secret, and run the server. You can then test the server with the MCP Inspector by generating a JWT token and connecting through the Inspector UI using SSE transport.
Key features
Key features include secure SSE connections using Bearer JWT tokens, dynamic tool registration, comprehensive request lifecycle logging, session management for the /message endpoint, and readiness for production use.
Where to use
mcp-server-remote-setup-with-jwt-auth can be used in various fields that require secure communication between AI tools and clients, such as AI development, data processing, and real-time applications.
Clients Supporting MCP
The following are the main client software that supports the Model Context Protocol. Click the link to visit the official website for more information.
Overview
What is Mcp Server Remote Setup With Jwt Auth
mcp-server-remote-setup-with-jwt-auth is a secure middleware server that implements the Model Context Protocol (MCP) over Server-Sent Events (SSE) with JWT authentication. It facilitates standardized communication between AI tools and clients, featuring dynamic tool registration, request logging, and session management, making it ideal for production-ready AI systems that require secure access patterns.
Use cases
Use cases include building secure AI applications that require real-time data streaming, integrating multiple AI tools into a single interface, and managing user sessions securely while logging interactions for auditing purposes.
How to use
To use mcp-server-remote-setup-with-jwt-auth, clone the repository, install the dependencies, create a .env file with your JWT secret, and run the server. You can then test the server with the MCP Inspector by generating a JWT token and connecting through the Inspector UI using SSE transport.
Key features
Key features include secure SSE connections using Bearer JWT tokens, dynamic tool registration, comprehensive request lifecycle logging, session management for the /message endpoint, and readiness for production use.
Where to use
mcp-server-remote-setup-with-jwt-auth can be used in various fields that require secure communication between AI tools and clients, such as AI development, data processing, and real-time applications.
Clients Supporting MCP
The following are the main client software that supports the Model Context Protocol. Click the link to visit the official website for more information.
Content
🔐 SSE MCP Server with JWT Authentication
This is a Model Context Protocol (MCP) SSE server with JWT-based authentication.
It allows you to expose multiple AI tools over an SSE transport, protected via secure Bearer Token flow.
Built with:
- 🚀 Node.js + Express
- 🧩 @modelcontextprotocol/sdk
- 🔒 JSON Web Tokens (JWT) for authentication
- ⚙️ Zod for input validation
✅ Fully tested with
@modelcontextprotocol/inspector
📂 Project Structure
server/ ├── index.ts # Main Express + MCP server ├── .env # Environment variables ├── package.json # Project metadata & scripts ├── tsconfig.json # TypeScript config └── README.md # You are here!
✨ Features
- ✅ Secure SSE connection using Bearer JWT token
- ✅ Dynamic Tool registration (echo, time, random number, etc.)
- ✅ Tested with MCP Inspector
- ✅ Logs all request lifecycle events
- ✅ Session management for /message endpoint
- 🚀 Ready to extend for production use
⚙️ Setup
1. Clone the repository
git clone https://github.com/anisirji/mcp-server-remote-setup-with-jwt-auth.git
cd mcp-server-remote-setup-with-jwt-auth
2. Install dependencies
npm install
3. Create .env file
echo "JWT_SECRET=your-secret-key" > .env
4. Run the server
npm run dev
✅ Server will run on:
http://localhost:3001/sse
🧪 Testing the server with MCP Inspector
Step 1 — Install MCP Inspector
📖 Official Docs: MCP Inspector
npx @modelcontextprotocol/inspector
Step 2 — Generate a token
Use cURL to get your JWT token:
curl "http://localhost:3001/auth/token?username=aniket&scope=mcp:access"
✅ Example response:
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}Step 3 — Connect MCP Inspector
- Open Inspector UI
- Set Transport Type: SSE
- URL:
http://localhost:3001/sse - Add Authorization Header:
Authorization: Bearer <your-token> - Click Connect
🎉 Success! Your server is now connected.
Step 4 — Test tools
Go to Tools tab in Inspector and click List Tools.
You will see:
- ✅
test - ✅
echo - ✅
get-time - ✅
random-number
Test them and enjoy!
📖 API Reference
🔑 Generate Token
GET /auth/token?username=<username>&scope=mcp:access
🔌 SSE Endpoint (requires token)
GET /sse Authorization: Bearer <token>
📩 Send Message to active session
POST /message?sessionId=<sessionId> Authorization: Bearer <token>
🧩 Tools Reference
| Tool Name | Description |
|---|---|
test |
Test connection (security check) |
echo |
Echo back provided message |
get-time |
Returns current server time |
random-number |
Returns random number (min/max) |
🗓️ Upcoming Changes
- [ ] Token revocation list (blacklist)
- [ ] Role-based tool access (scope checks)
- [ ] Session heartbeat / keep-alive
- [ ] Rate limiting & logging
- [ ] Dockerization for deployment
📚 Useful Resources
👨💻 Maintainer
Aniket
📄 License
This project is open-source and free to use.
🚀 Build. Secure. Empower.
Dev Tools Supporting MCP
The following are the main code editors that support the Model Context Protocol. Click the link to visit the official website for more information.
