MCP Server Boilerplate
A TypeScript boilerplate for building MCP servers with streamable HTTP and OAuth proxy support.
MCP Server Playground
A playground for Model Context Protocol (MCP) server built with TypeScript and Streamable HTTP transport with an OAuth Proxy for 3rd party authorization servers like Auth0.
Features
- MCP Server implementation: HTTP-Based Streamable transport using
@modelcontextprotocol/sdkwith HTTP transport, session management, and tool execution. - OAuth authentication/3rd party authorization: Implements an OAuth server for MCP clients to process 3rd party authorization servers like Auth0, providing Dynamic Application Registration for MCP server.
- Storage: Provide storage for MCP server to store data like OAuth sessions, tokens, etc.
- Tools:
echo,system-time,streaming,projectfor demonstration. - Prompts:
echo
Why this project exists?
- The Model Context Protocol spec requires Dynamic Application Registration because it provides a standardized way for MCP clients to automatically register with new servers and obtain OAuth client IDs without user interaction. The main reason for this mechanism is because MCP clients can't know all possible services in advance and manual registration would create significant effort for users and it is not scalable. If do not support Dynamic Application Registration, then MCP clients need to provide OAuth client ID and secret to the server, which is not secure and not scalable.
- However, enabling Dynamic Application Registration (if supported) becomes a security risk because the endpoint is a public endpoint that anyone can create OAuth clients. It can easily be abused, such as by flooding with unwanted client registrations. Hence, Auth0 has disabled Dynamic Application Registration
- As a result, this project provides a way to enable Dynamic Application Registration for MCP server by using OAuth Proxy, but delegating authorization to 3rd party authorization server like Auth0, Github, Google, etc.
Endpoints
| Endpoint | Description |
|---|---|
| GET /ping | Ping the server |
| POST /mcp | MCP protocol request with authentication |
| DELETE /mcp | Session termination |
| GET /.well-known/oauth-authorization-server | OAuth authorization server metadata |
| GET /.well-known/oauth-protected-resource | OAuth protected resources metadata |
| POST /oauth/register | Register a new MCP client |
| GET /oauth/authorize | Handle authorization request |
| POST /oauth/token | Handle token request |
| POST /oauth/revoke | Handle token revocation |
| GET /oauth/stats | Get OAuth service statistics |
| GET /oauth/auth0-callback | Handle Auth0 callback |
Getting Started
Installation
-
Clone the repository:
git clone <your-repo> cd mcp-server-playground -
Install dependencies:
npm install -
Set up environment variables:
cp .env.example .env -
Set up the MCP server for local development
npm run dev:setup
Helm Chart
helm repo add chrisleekr https://chrisleekr.github.io/helm-charts/
helm repo update
helm install mcp-server-playground chrisleekr/mcp-server-playground
Set up the MCP server for Cursor
-
Create MCP configuration file for local build
Create a
.cursor/mcp.jsonfile in your project directory (for project-specific setup) or~/.cursor/mcp.jsonin your home directory (for global setup):{ "mcpServers": { "mcp-server-playground-cursor": { "type": "http", "url": "http://localhost:3000/mcp" } } }
Use npx @modelcontextprotocol/inspector to test the MCP server
-
Copy
mcp-config.example.jsontomcp-config.json -
Edit
mcp-config.jsonto point to the correct MCP server -
Run the inspector
npm run docker:run # Then run the inspector npx @modelcontextprotocol/inspector -y --config ./mcp-config.json --server mcp-server-playground-cursoror
npm run test:inspector
Setup Auth0 for authorization
-
Create a new application in Auth0
- Go to Auth0 Dashboard
- Click on "Applications"
- Click on "Create Application"
- Name: MCP Server Boilerplate
- Application Type: Regular Web Application
- Click on "Create"
-
Set up the application
- Click on "Settings"
- Set the following settings:
- Allowed Callback URLs:
http://localhost:3000/oauth/auth0-callback - Allowed Web Origins:
http://localhost:3000
- Allowed Callback URLs:
-
Create a new API
- Click on "APIs"
- Click on "Create API"
- Name: MCP Server Boilerplate
- Identifier:
urn:mcp-server-playground - JSON Web Token (JWT) Profile: Auth0
- JSON Web Token (JWT) Signature Algorithm: RS256
- Click on "Create"
TODO
- Streaming is not working as expected. It returns the final result instead of streaming the data.
Screenshots
| Metadata Discovery | Client Registration | Preparing Authorization |
|---|---|---|
| Authorization with 3rd party server | Request Authorization and acquire authorization code | Token Request and Authentication Complete |
|---|---|---|
References
Related Servers
Honeybadger
Interact with the Honeybadger API for error monitoring and reporting using LLMs.
PyPI Query MCP Server
A server to query the Python Package Index (PyPI) for package information, dependencies, and compatibility.
clj-kondo-MCP
Clojure linter
Tatara MCP Server
An MCP server for interacting with the Tatara blockchain ecosystem. Requires configuration for the Tatara RPC endpoint and a wallet private key.
BioMCP
Enhances large language models with protein structure analysis capabilities, including active site analysis and disease-protein searches, by connecting to the RCSB Protein Data Bank.
Feishu API
Fetches API information from Feishu OpenAPI for seamless integration and management within an IDE.
WireMCP
Empowers LLMs with real-time network traffic analysis using tshark. Requires Wireshark's tshark to be installed.
Repo Map
An MCP server (and command-line tool) to provide a dynamic map of chat-related files from the repository with their function prototypes and related files in order of relevance. Based on the "Repo Map" functionality in Aider.chat
Xcode
Tools for Xcode project management, building, testing, archiving, code signing, and iOS development utilities.
MCP Sandbox
An interactive sandbox to safely execute Python code and install packages in isolated Docker containers.