Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Auth for MCP: Secure MCP servers using OAuth

Avatar for Deepu K Sasidharan Deepu K Sasidharan
October 01, 2025
Programming
0
17

Auth for MCP: Secure MCP servers using OAuth

Learn how to secure MCP servers using Ouath and Auth0

Avatar for Deepu K Sasidharan

Deepu K Sasidharan

October 01, 2025
Tweet

More Decks by Deepu K Sasidharan

See All by Deepu K Sasidharan
Delay the AI Overlords: How OAuth and OpenFGA Can Keep Your AI Agents from Going Rogue
Avatar for Deepu K Sasidharan deepu105
0
14
Delay the AI Overlords: How OAuth and OpenFGA Can Keep Your AI Agents from Going Rogue
Avatar for Deepu K Sasidharan deepu105
0
20
Auth0 for AI Agents
Avatar for Deepu K Sasidharan deepu105
1
51
Securing the Future of AI: Authorization Strategies for RAG Systems using LangChain4J and OpenFGA
Avatar for Deepu K Sasidharan deepu105
0
77
Demystifying OAuth and OIDC: JFokus
Avatar for Deepu K Sasidharan deepu105
1
130
Mastering Kubernetes Security from Containers to Cluster Fortresses
Avatar for Deepu K Sasidharan deepu105
1
81
Go containerless on Kubernetes
Avatar for Deepu K Sasidharan deepu105
1
120
A Passwordless Future! Passkeys for Java Developers
Avatar for Deepu K Sasidharan deepu105
0
140
Go containerless on Kubernetes with WebAssembly and Rust
Avatar for Deepu K Sasidharan deepu105
0
70

Other Decks in Programming

See All in Programming
What Spring Developers Should Know About Jakarta EE
Avatar for ivargrimstad ivargrimstad
0
420
バッチ処理を「状態の記録」から「事実の記録」へ
Avatar for HideyukiKitao panda728
PRO
0
190
NixOS + Kubernetesで構築する自宅サーバーのすべて
Avatar for ichi-h ichi_h3
0
1.1k
PHPに関数型の魂を宿す〜PHP 8.5 で実現する堅牢なコードとは〜 #phpcon_hiroshima / phpcon-hiroshima-2025
Avatar for shogogg shogogg
1
320
その面倒な作業、「Dart」にやらせませんか? Flutter開発者のための業務効率化
Avatar for YomEngine yordgenome03
1
140
monorepo の Go テストをはやくした〜い!~最小の依存解決への道のり~ / faster-testing-of-monorepos
Avatar for convto convto
2
530
タスクの特性や不確実性に応じた最適な作業スタイルの選択(ペアプロ・モブプロ・ソロプロ)と実践 / Optimal Work Style Selection: Pair, Mob, or Solo Programming.
Avatar for yuki honyanya
3
190
kiroとCodexで最高のSpec駆動開発を!!数時間で web3ネイティブなミニゲームを作ってみたよ!
Avatar for Haruki Kondo mashharuki
0
860
Android16 Migration Stories ~Building a Pattern for Android OS upgrades~
Avatar for Swimmy reoandroider
0
130
デミカツ切り抜きで面倒くさいことはPythonにやらせよう
Avatar for aokirishima aokswork3
0
260
When Dependencies Fail: Building Antifragile Applications in a Fragile World
Avatar for Selçuk Usta selcukusta
0
110
Claude Agent SDK を使ってみよう
Avatar for Hayami Shuhei hyshu
0
1.4k

Featured

See All Featured
Large-scale JavaScript Application Architecture
Avatar for Addy Osmani addyosmani
514
110k
Building Adaptive Systems
Avatar for Chris Keathley keathley
44
2.8k
Scaling GitHub
Avatar for Zach Holman holman
463
140k
What's in a price? How to price your products and services
Avatar for Michael Herold michaelherold
246
12k
A designer walks into a library…
Avatar for Paul Jervis Heath pauljervisheath
209
24k
ReactJS: Keep Simple. Everything can be a component!
Avatar for Pedro Nauck pedronauck
667
130k
RailsConf 2023
Avatar for Aaron Patterson tenderlove
30
1.3k
Speed Design
Avatar for Sergey Chernyshev sergeychernyshev
32
1.2k
StorybookのUI Testing Handbookを読んだ
Avatar for Shingo Yamazaki zakiyama
31
6.2k
Art, The Web, and Tiny UX
Avatar for Lynn Fisher lynnandtonic
303
21k
Optimizing for Happiness
Avatar for Tom Preston-Werner mojombo
379
70k
Docker and Python
Avatar for Tania Allard trallard
46
3.6k

Transcript

  1. Auth for MCP Secure MCP servers using OAuth Deepu K

    Sasidharan

  2. @auth0 | @deepu105 | deepu.tech ➔ JHipster co-chair ➔ Creator

    of KDash, JDL Studio, JWT UI ➔ Developer Advocate @ Auth0 ➔ OSS aficionado, polyglot dev, Java Champion, author, speaker Hi, I’m Deepu K Sasidharan @[email protected] deepu.tech @deepu105.bsky.social deepu05

  3. @auth0 | @deepu105 | deepu.tech MCP & Security OAuth for

    MCP

  4. @auth0 | @deepu105 | deepu.tech • Standardized in MCP spec

    • MCP clients and servers can use OAuth to delegate authorization • MCP servers are resource servers • Built-in Security Baseline (PKCE by default) • Simplified Connections (Metadata Discovery) • Seamless Onboarding (Dynamic Client Registration - DCR) • Leveraging Your Existing Identity Infrastructure (Third-Party Auth) Authorization using OAuth 2.1.

  5. @auth0 | @deepu105 | deepu.tech Metadata Discovery

  6. @auth0 | @deepu105 | deepu.tech Dynamic Client Registration

  7. @auth0 | @deepu105 | deepu.tech Authorization Flow

  8. @auth0 | @deepu105 | deepu.tech Authorization Flow (Full)

  9. @auth0 | @deepu105 | deepu.tech FastMCP Server with OAuth flow

    github.com/deepu105/auth0-fastmcp-demo

  10. @auth0 | @deepu105 | deepu.tech Auth0 MCP Server

  11. @auth0 | @deepu105 | deepu.tech # Install the MCP server

    npx @auth0/auth0-mcp-server init # Select scopes and authorize # Configure the MCP server in Goose goose configure # Add extension > command line # Name: auth0 # command: npx -y @auth0/auth0-mcp-server run --tools * # Env: DEBUG: auth0-mcp Setup

  12. @auth0 | @deepu105 | deepu.tech # Prompts ## Create Auth0

    application Create a new Auth0 web app application named ‘My Web App’, with a Callback URL http://localhost:3000/callback and an Allowed Logout URL http://localhost:3000 and make sure it is OIDC compliant and set the JWT to use alg RS256 ## Get app details Get the auth0 app #ID Manage Auth0 Apps

  13. @auth0 | @deepu105 | deepu.tech # Prompts ## Create Auth0

    application Create a new Auth0 web app application named ‘My Web App’, with a Callback URL http://localhost:3000/callback and an Allowed Logout URL http://localhost:3000 and make sure it is OIDC compliant and set the JWT to use alg RS256 ## Get app details Get the auth0 app #ID Get logs

  14. @auth0 | @deepu105 | deepu.tech Auth for GenAI a0.to/ai-event

  15. @auth0 | @deepu105 | deepu.tech AI Content from Auth0 https://auth0.com/blog/ai/

  16. Thank You