LogoMCP Auth

Installation

Install and bootstrap @mcpauth/auth in any Node.js project

Installation

This guide walks you through the minimal steps to spin-up @mcpauth/auth in your project.

1. Install the package

Since @mcpauth/auth is pre-1.0, we recommend installing a pinned version to avoid breaking changes on minor/patch version bumps.

npm install @mcpauth/auth@0.1.0

2. Set environment variables

Create a .env (or .env.local for Next.js) and add the following variables:

# Comma-separated list of CORS allowed origins for the OAuth flow
MCPAUTH_ALLOWED_ORIGIN="http://localhost:3000,http://localhost:6274"

# Secret used to sign the `state` parameter
MCPAUTH_SECRET=<openssl rand -hex 32>

# Private key used to sign JWTs – must begin with BEGIN PRIVATE KEY
MCPAUTH_PRIVATE_KEY="-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----"

See the Configuration page for a full list of tunable options.

You can generate a new MCPAUTH_PRIVATE_KEY with the following openssl command:

openssl genpkey -algorithm RSA -out private_key.pem -pkeyopt rsa_keygen_bits:2048

Then, copy the contents of private_key.pem into the MCPAUTH_PRIVATE_KEY variable.

3. Choose an adapter & store

  • Framework adapter – e.g. next, express (see dedicated pages).
  • Database store – e.g. Drizzle, Prisma, or MySQL (see Database Stores).

Next: Configuration ➡️

Overview

Introduction and feature overview for @mcpauth/auth

Configuration

Environment variables and provider options for @mcpauth/auth