mcp-oauth

Installation
SKILL.md

OAuth 2.0 PKCE for MCP Servers

Add production-ready OAuth authentication to a remote MCP server. This implements the full MCP authorization spec — discovery, dynamic client registration, PKCE authorization, token exchange, and refresh.

When you need this

Your MCP server accesses user-specific data (their account, their files, their playlists). Without auth, anyone with your server URL could access anyone's data. OAuth lets each user authenticate with their own credentials and get their own token.

Architecture overview

Your MCP server plays two roles:

  1. OAuth server for MCP clients (Claude, Smithery) — issues your own tokens
  2. OAuth client to the upstream service (Tidal, GitHub, Slack, etc.) — exchanges for their tokens
Installs
12
GitHub Stars
5
First Seen
Mar 19, 2026
mcp-oauth — lucaperret/agent-skills