
MCP auth for remote clients #30

@TomMaSS


Summary

Add authentication layer for remote MCP clients connecting over HTTP, beyond the current localhost/stdio usage.

Technical Approach

  • Token-based auth for streamable-http transport
  • Reuse existing org API key mechanism or add MCP-specific tokens
  • Auth middleware on /mcp/ endpoint checking Authorization header
  • SSH tunnel documentation as alternative for trusted networks
  • Rate limiting per token

Key Files

  • mcp_server/main.py — MCP transport setup
  • mcp_server/routes/auth.py — existing auth logic

Acceptance Criteria

  • Remote MCP clients authenticate via token
  • Unauthorized requests rejected with 401
  • SSH tunnel setup documented as alternative
  • Rate limiting per client token
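
An added example, not part of the issue or the project's code: a dependency-free ASGI middleware sketching the proposed `/mcp/` check, with a bearer token compared in constant time against stored SHA-256 hashes, 401 on failure, and a per-token bucket that answers 429. The names `McpTokenAuth`, `token_hashes`, `mcp_client` and `probe` are assumptions, and the project's existing org API key mechanism is not shown on this page, so it is not reused here.

```python
import asyncio, hashlib, hmac, time

class McpTokenAuth:
    """Pure-ASGI middleware: bearer token check and per-token rate limit on /mcp/."""
    def __init__(self, app, token_hashes, rate=5, per=60.0, clock=time.monotonic):
        self.app, self.rate, self.per, self.clock = app, rate, per, clock
        self.token_hashes = token_hashes  # {client_id: sha256 hex}; no plaintext tokens kept
        self.buckets = {}                 # client_id -> (tokens_left, last_seen)

    def _client_for(self, header):
        scheme, _, token = header.partition(" ")
        if scheme.lower() != "bearer" or not token.strip():
            return None
        digest = hashlib.sha256(token.strip().encode()).hexdigest()
        match = None
        for client_id, stored in self.token_hashes.items():
            if hmac.compare_digest(digest, stored):  # constant-time, no early exit
                match = client_id
        return match

    def _allow(self, client_id):  # token bucket: `rate` requests per `per` seconds
        now = self.clock()
        tokens, last = self.buckets.get(client_id, (float(self.rate), now))
        tokens = min(float(self.rate), tokens + (now - last) * self.rate / self.per)
        self.buckets[client_id] = (tokens - 1 if tokens >= 1 else tokens, now)
        return tokens >= 1

    async def __call__(self, scope, receive, send):
        path = scope.get("path", "")
        if scope["type"] != "http" or not (path == "/mcp" or path.startswith("/mcp/")):
            return await self.app(scope, receive, send)  # only HTTP /mcp is guarded here
        raw = dict(scope["headers"]).get(b"authorization", b"")
        client_id = self._client_for(raw.decode("latin-1"))
        if client_id is None:
            return await self._reject(send, 401, (b"www-authenticate", b"Bearer"))
        if not self._allow(client_id):
            return await self._reject(send, 429, (b"retry-after", str(int(self.per)).encode()))
        await self.app(dict(scope, mcp_client=client_id), receive, send)

    async def _reject(self, send, status, header):
        await send({"type": "http.response.start", "status": status, "headers": [header]})
        await send({"type": "http.response.body", "body": b""})

def probe(app, path, authorization=None):  # constructed test client: one GET, returns status
    headers = [(b"authorization", authorization.encode())] if authorization else []
    sent = []
    async def receive(): return {"type": "http.request", "body": b"", "more_body": False}
    async def send(message): sent.append(message)
    asyncio.run(app({"type": "http", "method": "GET", "path": path, "headers": headers}, receive, send))
    return sent[0]["status"]
```

The bucket state lives in process memory, so a deployment with several workers would need a shared store to enforce one limit per token.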


Labels: area:infra (Docker, CI/CD, deploy, install.sh), type:feature (New feature)
