Secure middleware server implementing Model Context Protocol (MCP) over SSE with JWT authentication. Enables standardized communication between AI tools and clients with dynamic tool registration, request logging, and session management. Perfect for building production-ready AI systems requiring secure access patterns.
What is anisirji mcp server remote setup with jwt auth
๐ SSE MCP Server with JWT Authentication
This is a Model Context Protocol (MCP) SSE server with JWT-based authentication.
It allows you to expose multiple AI tools over an SSE transport, protected via secure Bearer Token flow.
Built with:
- ๐ Node.js + Express
- ๐งฉ @modelcontextprotocol/sdk
- ๐ JSON Web Tokens (JWT) for authentication
- โ๏ธ Zod for input validation
โ Fully tested with
@modelcontextprotocol/inspector
๐ Project Structure
server/
โโโ index.ts # Main Express + MCP server
โโโ .env # Environment variables
โโโ package.json # Project metadata & scripts
โโโ tsconfig.json # TypeScript config
โโโ README.md # You are here!
โจ Features
- โ Secure SSE connection using Bearer JWT token
- โ Dynamic Tool registration (echo, time, random number, etc.)
- โ Tested with MCP Inspector
- โ Logs all request lifecycle events
- โ Session management for /message endpoint
- ๐ Ready to extend for production use
โ๏ธ Setup
1. Clone the repository
git clone https://github.com/anisirji/mcp-server-remote-setup-with-jwt-auth.git
cd mcp-server-remote-setup-with-jwt-auth
2. Install dependencies
npm install
3. Create .env file
echo "JWT_SECRET=your-secret-key" > .env
4. Run the server
npm run dev
โ Server will run on:
http://localhost:3001/sse
๐งช Testing the server with MCP Inspector
Step 1 โ Install MCP Inspector
๐ Official Docs: MCP Inspector
npx @modelcontextprotocol/inspector
Step 2 โ Generate a token
Use cURL to get your JWT token:
curl "http://localhost:3001/auth/token?username=aniket&scope=mcp:access"
โ Example response:
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}
Step 3 โ Connect MCP Inspector
- Open Inspector UI
- Set Transport Type: SSE
- URL:
http://localhost:3001/sse - Add Authorization Header:
Authorization: Bearer <your-token> - Click Connect
๐ Success! Your server is now connected.
Step 4 โ Test tools
Go to Tools tab in Inspector and click List Tools.
You will see:
- โ
test - โ
echo - โ
get-time - โ
random-number
Test them and enjoy!
๐ API Reference
๐ Generate Token
GET /auth/token?username=<username>&scope=mcp:access
๐ SSE Endpoint (requires token)
GET /sse
Authorization: Bearer <token>
๐ฉ Send Message to active session
POST /message?sessionId=<sessionId>
Authorization: Bearer <token>
๐งฉ Tools Reference
| Tool Name | Description |
|---|---|
test |
Test connection (security check) |
echo |
Echo back provided message |
get-time |
Returns current server time |
random-number |
Returns random number (min/max) |
๐๏ธ Upcoming Changes
- Token revocation list (blacklist)
- Role-based tool access (scope checks)
- Session heartbeat / keep-alive
- Rate limiting & logging
- Dockerization for deployment
๐ Useful Resources
๐จโ๐ป Maintainer
Aniket
๐ License
This project is open-source and free to use.
๐ Build. Secure. Empower.
Leave a Comment
Frequently Asked Questions
What is MCP?
MCP (Model Context Protocol) is an open protocol that standardizes how applications provide context to LLMs. Think of MCP like a USB-C port for AI applications, providing a standardized way to connect AI models to different data sources and tools.
What are MCP Servers?
MCP Servers are lightweight programs that expose specific capabilities through the standardized Model Context Protocol. They act as bridges between LLMs like Claude and various data sources or services, allowing secure access to files, databases, APIs, and other resources.
How do MCP Servers work?
MCP Servers follow a client-server architecture where a host application (like Claude Desktop) connects to multiple servers. Each server provides specific functionality through standardized endpoints and protocols, enabling Claude to access data and perform actions through the standardized protocol.
Are MCP Servers secure?
Yes, MCP Servers are designed with security in mind. They run locally with explicit configuration and permissions, require user approval for actions, and include built-in security features to prevent unauthorized access and ensure data privacy.
Related MCP Servers
chrisdoc hevy mcp
sylphlab pdf reader mcp
An MCP server built with Node.js/TypeScript that allows AI agents to securely read PDF files (local or URL) and extract text, metadata, or page counts. Uses pdf-parse.
aashari mcp server atlassian bitbucket
Node.js/TypeScript MCP server for Atlassian Bitbucket. Enables AI systems (LLMs) to interact with workspaces, repositories, and pull requests via tools (list, get, comment, search). Connects AI directly to version control workflows through the standard MCP interface.
aashari mcp server atlassian confluence
Node.js/TypeScript MCP server for Atlassian Confluence. Provides tools enabling AI systems (LLMs) to list/get spaces & pages (content formatted as Markdown) and search via CQL. Connects AI seamlessly to Confluence knowledge bases using the standard MCP interface.
prisma prisma
Next-generation ORM for Node.js & TypeScript | PostgreSQL, MySQL, MariaDB, SQL Server, SQLite, MongoDB and CockroachDB
Zzzccs123 mcp sentry
mcp sentry for typescript sdk
zhuzhoulin dify mcp server
zhongmingyuan mcp my mac
zhixiaoqiang desktop image manager mcp
MCP ๆๅกๅจ๏ผ็จไบ็ฎก็ๆก้ขๅพ็ใๆฅ็่ฏฆๆ ใๅ็ผฉใ็งปๅจ็ญ๏ผๅฎๅ จ่ฎฉTraeๅฎ็ฐ๏ผ
zhixiaoqiang antd components mcp
An MCP service for Ant Design components query | ไธไธชๅๅฐ Ant Design ็ปไปถไปฃ็ ็ๆๅนป่ง็ MCP ๆๅก๏ผๅ ๅซ็ณป็ปๆ็คบ่ฏใ็ปไปถๆๆกฃใAPI ๆๆกฃใไปฃ็ ็คบไพๅๆดๆฐๆฅๅฟๆฅ่ฏข
Submit Your MCP Server
Share your MCP server with the community
Submit Now