MCP Github OAuth
An MCP server with built-in GitHub OAuth support, deployable on Cloudflare Workers.
Model Context Protocol (MCP) Server + Github OAuth
This is a Model Context Protocol (MCP) server that supports remote MCP connections, with Github OAuth built-in.
You can deploy it to your own Cloudflare account, and after you create your own Github OAuth client app, you'll have a fully functional remote MCP server that you can build off. Users will be able to connect to your MCP server by signing in with their GitHub account.
You can use this as a reference example for how to integrate other OAuth providers with an MCP server deployed to Cloudflare, using the workers-oauth-provider library.
The MCP server (powered by Cloudflare Workers):
- Acts as OAuth Server to your MCP clients
- Acts as OAuth Client to your real OAuth server (in this case, GitHub)
Getting Started
Clone the repo directly & install dependencies: npm install.
Alternatively, you can use the command line below to get the remote MCP Server created on your local machine:
npm create cloudflare@latest -- my-mcp-server --template=cloudflare/ai/demos/remote-mcp-github-oauth
For Production
Create a new GitHub OAuth App:
- For the Homepage URL, specify
https://mcp-github-oauth.<your-subdomain>.workers.dev - For the Authorization callback URL, specify
https://mcp-github-oauth.<your-subdomain>.workers.dev/callback - Note your Client ID and generate a Client secret.
- Set secrets via Wrangler
wrangler secret put GITHUB_CLIENT_ID
wrangler secret put GITHUB_CLIENT_SECRET
wrangler secret put COOKIE_ENCRYPTION_KEY # add any random string here e.g. openssl rand -hex 32
Set up a KV namespace
- Create the KV namespace:
wrangler kv:namespace create "OAUTH_KV" - Update the Wrangler file with the KV ID
Deploy & Test
Deploy the MCP server to make it available on your workers.dev domain
wrangler deploy
Test the remote server using Inspector:
npx @modelcontextprotocol/inspector@latest
Enter https://mcp-github-oauth.<your-subdomain>.workers.dev/sse and hit connect. Once you go through the authentication flow, you'll see the Tools working:
You now have a remote MCP server deployed!
Access Control
This MCP server uses GitHub OAuth for authentication. All authenticated GitHub users can access basic tools like "add" and "userInfoOctokit".
The "generateImage" tool is restricted to specific GitHub users listed in the ALLOWED_USERNAMES configuration:
// Add GitHub usernames for image generation access
const ALLOWED_USERNAMES = new Set([
'yourusername',
'teammate1'
]);
Access the remote MCP server from Claude Desktop
Open Claude Desktop and navigate to Settings -> Developer -> Edit Config. This opens the configuration file that controls which MCP servers Claude can access.
Replace the content with the following configuration. Once you restart Claude Desktop, a browser window will open showing your OAuth login page. Complete the authentication flow to grant Claude access to your MCP server. After you grant access, the tools will become available for you to use.
{
"mcpServers": {
"math": {
"command": "npx",
"args": [
"mcp-remote",
"https://mcp-github-oauth.<your-subdomain>.workers.dev/sse"
]
}
}
}
Once the Tools (under 🔨) show up in the interface, you can ask Claude to use them. For example: "Could you use the math tool to add 23 and 19?". Claude should invoke the tool and show the result generated by the MCP server.
For Local Development
If you'd like to iterate and test your MCP server, you can do so in local development. This will require you to create another OAuth App on GitHub:
- For the Homepage URL, specify
http://localhost:8788 - For the Authorization callback URL, specify
http://localhost:8788/callback - Note your Client ID and generate a Client secret.
- Create a
.dev.varsfile in your project root with:
GITHUB_CLIENT_ID=your_development_github_client_id
GITHUB_CLIENT_SECRET=your_development_github_client_secret
Develop & Test
Run the server locally to make it available at http://localhost:8788
wrangler dev
To test the local server, enter http://localhost:8788/sse into Inspector and hit connect. Once you follow the prompts, you'll be able to "List Tools".
Using Claude and other MCP Clients
When using Claude to connect to your remote MCP server, you may see some error messages. This is because Claude Desktop doesn't yet support remote MCP servers, so it sometimes gets confused. To verify whether the MCP server is connected, hover over the 🔨 icon in the bottom right corner of Claude's interface. You should see your tools available there.
Using Cursor and other MCP Clients
To connect Cursor with your MCP server, choose Type: "Command" and in the Command field, combine the command and args fields into one (e.g. npx mcp-remote https://<your-worker-name>.<your-subdomain>.workers.dev/sse).
Note that while Cursor supports HTTP+SSE servers, it doesn't support authentication, so you still need to use mcp-remote (and to use a STDIO server, not an HTTP one).
You can connect your MCP server to other MCP clients like Windsurf by opening the client's configuration file, adding the same JSON that was used for the Claude setup, and restarting the MCP client.
How does it work?
OAuth Provider
The OAuth Provider library serves as a complete OAuth 2.1 server implementation for Cloudflare Workers. It handles the complexities of the OAuth flow, including token issuance, validation, and management. In this project, it plays the dual role of:
- Authenticating MCP clients that connect to your server
- Managing the connection to GitHub's OAuth services
- Securely storing tokens and authentication state in KV storage
Durable MCP
Durable MCP extends the base MCP functionality with Cloudflare's Durable Objects, providing:
- Persistent state management for your MCP server
- Secure storage of authentication context between requests
- Access to authenticated user information via
this.props - Support for conditional tool availability based on user identity
MCP Remote
The MCP Remote library enables your server to expose tools that can be invoked by MCP clients like the Inspector. It:
- Defines the protocol for communication between clients and your server
- Provides a structured way to define tools
- Handles serialization and deserialization of requests and responses
- Maintains the Server-Sent Events (SSE) connection between clients and your server
相關伺服器
Scout Monitoring MCP
贊助Put performance and error data directly in the hands of your AI assistant.
Alpha Vantage MCP Server
贊助Access financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more
Root Signals
Equip AI agents with evaluation and self-improvement capabilities with Root Signals.
Sleep MCP Server
Provides a sleep/wait tool to add delays between operations, such as waiting between API calls or testing eventually consistent systems.
weibaohui/kom
Provides multi-cluster Kubernetes management and operations using MCP, It can be integrated as an SDK into your own project and includes nearly 50 built-in tools covering common DevOps and development scenarios. Supports both standard and CRD resources.
OpsLevel
Interact with your OpsLevel account using read-only access.
Solana Metrics MCP Server
Analyze Solana metrics from InfluxDB and generate Grafana dashboards.
NuGet Package README
Fetches comprehensive information about NuGet packages from the NuGet Gallery, including READMEs, metadata, and search functionality.
MCP Analytics with GitHub OAuth
A remote MCP server with GitHub OAuth authentication and built-in analytics tracking.
DeployHQ
A Model Context Protocol (MCP) server for DeployHQ that enables AI assistants like Claude Desktop and Claude Code to interact with your DeployHQ deployments.
Remote MCP Server on Cloudflare
A template for deploying a remote MCP server on Cloudflare Workers, customizable by defining tools in the source code.
Claude Code MCP
Orchestrates multiple Claude Code agents across iTerm2 sessions, providing centralized management and inter-agent communication.