ContextQMD
Back to Hertzbeat

MCP OAuth Server

mcp-servers/mcp-bash-server/src/html/mcp_oauth_index.html

1.8.01.2 KB
Original Source

MCP OAuth Server

This is an MCP server with OAuth 2.0 integration to a third-party authorization server.

Available Endpoints:

Authorization Endpoint

GET /authorize

Parameters:

  • response_type - Must be "code"
  • client_id - Client identifier (e.g., "mcp-client")
  • redirect_uri - URI to redirect after authorization
  • scope - Optional requested scope
  • state - Optional state value for CSRF prevention

Token Endpoint

POST /token

Parameters:

  • grant_type - Must be "authorization_code"
  • code - The authorization code
  • client_id - Client identifier
  • client_secret - Client secret
  • redirect_uri - Redirect URI used in authorization request

MCP streamablehttp Endpoints

/mcp - Streamablehttp connection endpoint (requires OAuth token)

OAuth Flow:

  1. MCP Client initiates OAuth flow with this MCP Server
  2. MCP Server redirects to Third-Party OAuth Server
  3. User authenticates with Third-Party Server
  4. Third-Party Server redirects back to MCP Server with auth code
  5. MCP Server exchanges the code for a third-party access token
  6. MCP Server generates its own token bound to the third-party session
  7. MCP Server completes the OAuth flow with the MCP Client